Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded.

Related CVEs

CVE-2023-3349

Key Information

GHSA ID

GHSA-cr9w-99vr-7f2h

Published

October 3, 2023 3:30 PM

Last Modified

April 4, 2024 8:11 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 31, 2025 6:36 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.