Vulnerability Details CVE-2015-1613
RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the (1) update_repo, (2) get_locks, or (3) get_user_groups API method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.6%
CVSS Severity
CVSS v2 Score 4.0
References
Products affected by CVE-2015-1613
-
cpe:2.3:a:rhodecode:rhodecode_enterprise:2.2.6