CVE-2023-32550

Summary

Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API.

Affected Software

VendorProductVersion RangeStatus
Canonical Ltd.Landscape0 < 19.10.05affected

Weaknesses

  • CWE-497: CWE-497

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References