Information Disclosure Vulnerability in Management Center (MC) REST API Allows Unauthorized Access to Passwords
CVE-2019-9697 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL policy import servers that they might not otherwise be authorized to access.
Learn more about our Cis Benchmark Audit For Server Software.