In OpenWrt LuCI git-20.x, remote unauthenticated attackers can retrieve the list of installed packages and services. NOTE: the vendor disputes the significance of this report because, for instances reachable by an unauthenticated actor, the same information is available in other (more complex) ways, and there is no plan to restrict the information further
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-23T19:45:25
Updated: 2024-08-04T11:14:15.626Z
Reserved: 2020-03-23T00:00:00
Link: CVE-2020-10871
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-03-23T20:15:11.917
Modified: 2024-08-04T12:15:21.150
Link: CVE-2020-10871
Redhat
No data.