CVE-2018-7209

Name of the Vulnerable Software and Affected Versions iDashboards version 9.6b

Description An issue in iDashboards allows remote attackers to obtain sensitive information via a direct request for the "idashboards/config.xml" URI. This can be demonstrated by accessing intranet URLs for reports.

Recommendations For iDashboards version 9.6b, consider restricting access to the "idashboards/config.xml" URI to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.