Back to search
CVE-2008-3717
Published: Aug 19, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Harmoni before 1.6.0 does not require administrative privileges to list (1) user names or (2) asset ids, which allows remote attackers to obtain sensitive information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
harmoni-security-bypass(44485)
vdb-entry
x_refsource_XF
http://sourceforge.net/project/shownotes.php?release_id=619864
x_refsource_CONFIRM
30706
vdb-entry
x_refsource_BID
31503
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now