CVE-2019-15032

Pydio 6.0.8 mishandles error reporting when a directory allows unauthenticated uploads, and the remote-upload option is used with the http://localhost:22 URL. The attacker can obtain sensitive information such as the name of the user who created that directory and other internal server information.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:pydio:pydio:6.0.8:*:*:*:*:*:*:*

Information

Published : 2019-09-19 10:15

Updated : 2019-09-19 12:44


NVD link : CVE-2019-15032

Mitre link : CVE-2019-15032


JSON object : View

CWE
CWE-209

Generation of Error Message Containing Sensitive Information

Advertisement

dedicated server usa

Products Affected

pydio

  • pydio