AnsweredAssumed Answered

QID: 150059 - Query

Question asked by network.novice on Feb 13, 2013
Latest reply on Jun 7, 2013 by Bernie Weidel

Hi Experts,

 

Been working on our PCI Compliance for more than a week now. I came across this vulnerability, wondering if someone could point out to me the right direction for this one. Unlike any other QID's that I came across that has several CVE's for other sources, this one hasn't. I've been trying to google for any relevant info about this but I think I may haven't found the correct info yet. Please help.

 

 

VULNERABILITY DETAILS

CVSS Base Score: 5 [1] AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Temporal Score: 3.8 E:U/RL:TF/RC:C

Severity: 1

QID: 150059

Category: Web Application

CVE ID: -

Vendor Reference: -

Bugtraq ID: -

Service Modified: 09/13/2012

User Modified: -

Edited: No

THREAT:

Windows specific file path was detected in the response.

IMPACT:

The response may be an error response that disclosed a local file path. This may potentially be a sensitive information.

SOLUTION:

The content should be reviewed to determine whether it could be masked or removed.

COMPLIANCE:

Not Applicable

RESULTS:

url: https://10.0.1.27:3202/

matched: C:\Windows\System32

 

 

Hoping to hear from you soon.

Thank you.

Outcomes