Dte Energy · Dte Energy Insight · CVE-2016-1562
**Name of the Vulnerable Software and Affected Versions**
DTE Energy Insight application versions prior to 1.7.8
**Description**
The issue concerns the REST API in the DTE Energy Insight application, where remote authenticated users can obtain unspecified customer information. This is achieved by using a SQL expression in the `filter` parameter.
**Recommendations**
For versions prior to 1.7.8, update to version 1.7.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the REST API or limiting the use of the `filter` parameter until the update is applied.