| ID | CVE-2018-7272 | ||||||
| Sažetak | The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part of the URL, which allows attackers to obtain sensitive information by finding an ID value in a log file. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:L/Au:S/C:P/I:N/A:N | ||||||
| Zadnje važnije ažuriranje | 18-03-2018 - 14:08 | ||||||
| Objavljeno | 21-02-2018 - 00:29 |
