Drupal Core system.temporary Information Disclosure Vulnerability (CVE-2016-7572)
Publish Date: 11 de stycznia de 2017
Severity: : Medium
DESCRIPTION
Drupal Core is prone to a information disclosure vulnerability. The vulnerability is due to insufficient access control on the ability to download a full configuration export. A remote, authenticated user can exploit this vulnerability by sending a crafted request to the target. Successful exploitation could lead to disclosure of sensitive information.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1008096