Invia #313847: https://gitee.com/dromara/open-capacity-platform open-capacity-platform v2.0.1 Security Misconfigurationinformazioni

Titolohttps://gitee.com/dromara/open-capacity-platform open-capacity-platform v2.0.1 Security Misconfiguration
Descrizioneocp(open-capacity-platform) is an enterprise microservice framework based on layui+springcloud (user rights management, Configuration center management, application management,....). Its core design goal is to separate the front and back end, rapid development and deployment, simple learning, powerful, to provide fast access to the core interface capabilities, its goal is to help enterprises build a set of similar Baidu ability open platform framework. The auth-server component of ocp has a security configuration vulnerability. It can access all actuator terminals, including dangerous ports such as heapdump, which exposes sensitive information.
Fonte⚠️ https://github.com/ggfzx/OCP-Security-Misconfiguration/tree/main
Utente
 ggfzx (UID 67509)
Sottomissione10/04/2024 06:27 (2 anni fa)
Moderazione17/04/2024 18:46 (8 days later)
StatoAccettato
Voce VulDB261367 [Dromara open-capacity-platform 2.0.1 auth-server /actuator/heapdump rivelazione di informazioni]
Punti20

Might our Artificial Intelligence support you?

Check our Alexa App!