UNC Server and Share Disclosure

Summary

Netsparker identified a UNC server and share disclosure.

Impact

An attacker can perform brute-force or dictionary-based password guessing on the disclosed username. It may also help the attacker identify other vulnerabilities or further their exploitation of other identified vulnerabilities.

Remediation

Remove this kind of sensitive data from the output.

Classifications

CWE-16, ISO27001-A.18.1.3, WASC-15, OWASP PC-C7, OWASP 2013-A5, OWASP 2017-A6 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Vulnerability Index

You can search and find all vulnerabilities

Select Category

Critical
High
Medium
Low
Best Practice
Information

Search Vulnerability

Related Vulnerabilities

Blind Command Injection
Out of Band Code Evaluation (ASP)
Stack Trace Disclosure (ASP.NET)
Version Disclosure (Apache)
Version Disclosure (Perl)

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO