PT-2013-4442 · Groundwork+1 · Groundwork Monitor Enterprise+1

Johannes Greil · Published 2013-05-08 · Updated 2013-05-08 · CVE-2013-3507

CVSS v2.0: 4.0 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: GroundWork Monitor Enterprise version 6.7.0
Description: The issue allows remote authenticated users to obtain sensitive information via a direct request for certain files or contexts, including (1) a configuration file, (2) a database dump, or (3) the Tomcat status context.
Recommendations: For GroundWork Monitor Enterprise version 6.7.0, restrict access to sensitive files and contexts, such as configuration files, database dumps, and the Tomcat status context, to prevent unauthorized access. Consider disabling direct requests for these sensitive resources until a fix is available.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2013-3507

Affected Products

Groundwork Monitor Enterprise
Apache Tomcat