PT-2020-12616 · Microstrategy · Microstrategy Web

Published: 2020-04-02 · Updated: 2022-04-22 · CVE-2020-11450

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Microstrategy Web versions prior to 11.0

Description

The issue exposes sensitive information such as JVM configuration, CPU architecture, and installation folder through the API endpoint "/MicroStrategyWS/happyaxis.jsp". This could allow an attacker to gather details about the environment the application is running in.

Recommendations

For versions prior to 11.0, update to version 11.0 or higher to mitigate the issue. As a temporary workaround, consider restricting access to the "/MicroStrategyWS/happyaxis.jsp" API endpoint until the update is applied.
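
A log check to accompany the workaround above, as an added example that is not part of the original advisory: it scans web access logs for requests to the endpoint and lists the clients that actually received the page (HTTP 200), which also shows whether an access restriction is taking effect. The combined log format, the case-insensitive path match and the sample log lines are assumptions made for this example.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

TARGET = "/microstrategyws/happyaxis.jsp"  # endpoint from the advisory, lower-cased

# Common/combined access-log layout (assumption; adapt to your server's format).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Apr/2020:10:00:01 +0000] "GET /MicroStrategyWS/happyaxis.jsp HTTP/1.1" 200 5120',
    '198.51.100.7 - - [02/Apr/2020:10:00:05 +0000] "GET /microstrategyws/HappyAxis.jsp;jsessionid=AB12?x=1 HTTP/1.1" 403 199',
    '203.0.113.5 - - [02/Apr/2020:10:00:09 +0000] "GET /MicroStrategyWS//happyaxis%2Ejsp HTTP/1.1" 200 5120',
    '192.0.2.10 - - [02/Apr/2020:10:00:12 +0000] "GET /MicroStrategy/servlet/mstrWeb HTTP/1.1" 200 812',
]

def normalize_path(target):
    """Reduce a request target to a lower-cased path so logged variants compare equal."""
    path = re.sub(r"^[a-z][a-z0-9+.-]*://[^/]*", "", target, flags=re.I)  # absolute-form target
    path = path.split("?", 1)[0]                                          # drop query string
    path = "/".join(seg.split(";", 1)[0] for seg in path.split("/"))      # drop ;jsessionid=...
    path = unquote(path)                                                  # decode %XX once
    return re.sub(r"/{2,}", "/", path).lower()                            # collapse //, fold case

def find_hits(lines):
    """Map client IP -> [(timestamp, status)] for requests to the advisory's endpoint."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if m and normalize_path(m["target"]) == TARGET:
            hits[m["ip"]].append((m["ts"], int(m["status"])))
    return dict(hits)

def served_clients(hits):
    """Clients that got a 200, i.e. the information page was returned to them."""
    return sorted(ip for ip, events in hits.items() if any(s == 200 for _, s in events))

if __name__ == "__main__":
    hits = find_hits(SAMPLE_LOG)
    for ip, events in hits.items():
        print(ip, events)
    print("page served to:", served_clients(hits))
```

After the restriction is applied, requests from outside the allowed sources should appear only with non-200 statuses.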


Related Identifiers

CVE-2020-11450

Affected Products

Microstrategy Web