Server-Status Page Data Leak: Exposing Sensitive System Information and API Vulnerability

Server-Status Page Data Leak: Exposing Sensitive System Information and API Vulnerability

CVE-2023-32550 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API.

Learn more about our Cis Benchmark Audit For Server Software.