CVE-2016-0870 in Tracer SCinfo

Summary

The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

12/17/2015

Disclosure

09/18/2016

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
91684Trane Tracer SC Web Server Config information disclosure200Not definedWorkaroundCVE-2016-0870

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!