1 results (0.002 seconds)

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information. PingCentral versiones anteriores a las enumeradas exponen endpoints de actuadores de Spring Boot que, con autenticación administrativa, devuelven grandes cantidades de información confidencial del entorno y de la aplicación • https://docs.pingidentity.com/bundle/pingcentral-110/page/sdd1651696160285.html https://www.pingidentity.com/en/resources/downloads/pingcentral.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •