Bolt before 3.3.6 does not properly restrict access to _profiler routes, related to EventListener/ProfilerListener.php and Provider/EventListenerServiceProvider.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-11-09T19:00:00
Updated: 2024-08-05T20:35:20.889Z
Reserved: 2017-11-09T00:00:00
Link: CVE-2017-16754
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-11-10T02:29:19.107
Modified: 2021-01-04T18:20:05.140
Link: CVE-2017-16754
Redhat
No data.