CVE-2014-2356

Summary

Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request.

Affected Software

VendorProductVersion RangeStatus
InnominatemGuard4.0.0 <= 8.0.2affected
InnominatemGuard7.6.4unaffected
InnominatemGuard8.0.3unaffected
InnominatemGuard8.1.0unaffected
InnominatemGuard8.1.1unaffected

Weaknesses

  • CWE-200: CWE-200

ADP Enrichment

CVE Program Container

Additional References

References