Unrestricted Access to API Key in Battelle V2I Hub 2.5.1

Unrestricted Access to API Key in Battelle V2I Hub 2.5.1

CVE-2018-1000627 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Battelle V2I Hub 2.5.1 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict access to the API key file. An attacker could exploit this vulnerability to obtain the current API key to gain unauthorized access to the system.

Learn more about our Api Penetration Testing.