Information Disclosure of sensitive data CVE-2017-5487

Disclosed by
kartikeyvinayak's avatar
kartikeyvinayak
  • Engagement Undisclosed
  • Disclosed date over 2 years ago
  • Priority P5 Bugcrowd's VRT priority rating
  • Status Informational This vulnerability is seen as an accepted business risk
Summary by kartikeyvinayak

I found a information disclosure during recon with my custom script with CVE-2017-5487

Activity
  1. Akitsugu_Ito’s avatar
    Akitsugu_Ito Customer published the disclosure report

    ()

  2. kartikeyvinayak’s avatar
    kartikeyvinayak requested disclosure

    ()

  3. harris_bugcrowd’s avatarbugcrowd logo
    harris_bugcrowd sent a message

    ()

  4. harris_bugcrowd’s avatarbugcrowd logo
    harris_bugcrowd marked the submission a duplicate of a previously submitted report

    ()

  5. harris_bugcrowd’s avatarbugcrowd logo
    harris_bugcrowd changed the state to Informational

    ()

  6. harris_bugcrowd’s avatarbugcrowd logo
    harris_bugcrowd updated VRT to Server Security Misconfiguration > Directory Listing Enabled > Non-Sensitive Data Exposure

    ()

  7. kartikeyvinayak’s avatar
    kartikeyvinayak created the submission

    ()