PT-2023-14064 · Unknown · Dast Api Scanner
Michael Eddington · Published 2023-02-01 · Updated 2023-02-07 · CVE-2022-4206
CVSS v3.1: 5.0 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
DAST API scanner versions 1.6.50 through 2.0.101
Description
A sensitive information leak issue has been discovered, exposing the Authorization header in the vulnerability report. This issue affects all versions of the DAST API scanner prior to version 2.0.102.
Recommendations
For versions 1.6.50 through 2.0.101, update to version 2.0.102 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerability report to minimize the risk of exploitation.
Information Disclosure
Affected Products
Dast Api Scanner