Vulnerability Details CVE-2018-10863
It was discovered that redhat-certification 7 is not properly configured and it lists all files and directories in the /var/www/rhcert/store/transfer directory, through the /rhcert-transfer URL. An unauthorized attacker may use this flaw to gather sensible information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2018-10863
-
cpe:2.3:a:redhat:certification:7.0