PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs.
The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Powerpath_management_appliance | Dell | 3.0 (including) | 3.4 (excluding) |