QwikSec

Security Database

CVE

CWE

Training

CVE-2023-26735

Published: Apr 25, 2023

Modified: Feb 4, 2025

PUBLISHED

Description

blackbox_exporter v0.23.0 was discovered to contain an access control issue in its probe interface. This vulnerability allows attackers to detect intranet ports and services, as well as download resources. NOTE: this is disputed by third parties because authentication can be configured.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://blackboxexporter.com

http://prometheus.com

https://github.com/prometheus/blackbox_exporter/issues/1024

https://github.com/prometheus/blackbox_exporter/issues/1025

https://github.com/prometheus/blackbox_exporter/issues/1026

https://github.com/prometheus/blackbox_exporter#tls-and-basic-authentication

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.