Spring Boot permission configuration issues cause unauthorized access to three interfaces
Summary
Spring Boot permission configuration issues allow unauthorized access to three interfaces.
Details
The following three interfaces can be accessed without authorization and leak sensitive server information:
http://localhost:1157/actuator/metrics/
http://localhost:1157/actuator/health
http://localhost:1157/actuator/env
PoC
http://localhost:1157/actuator/metrics/
http://localhost:1157/actuator/health
http://localhost:1157/actuator/env
Impact
Disclosure of sensitive server information.
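A regression check for the fix, as an added example that is not part of the original advisory or the affected project: it sends an unauthenticated GET to each of the three paths listed above and reports any that still answer with a 2xx status. The function names and verdict labels are assumptions made for this example; the base URL is supplied by the caller.

```python
import urllib.error
import urllib.request

# Paths as listed in the advisory.
ACTUATOR_PATHS = ("/actuator/metrics/", "/actuator/health", "/actuator/env")


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Do not follow redirects, so a 302 to a login page is seen as a 302."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe(base_url, path, timeout=5.0):
    """Return the status of an unauthenticated GET, or None if unreachable."""
    # Empty ProxyHandler: ignore proxy environment variables and connect directly.
    opener = urllib.request.build_opener(_NoRedirect, urllib.request.ProxyHandler({}))
    try:
        with opener.open(base_url.rstrip("/") + path, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as exc:  # 3xx, 4xx and 5xx arrive here
        return exc.code
    except OSError:  # URLError, refused connection, timeout
        return None


def classify(status):
    """Map an HTTP status to a verdict (labels are this example's own)."""
    if status is None:
        return "unreachable"
    if 200 <= status < 300:
        return "EXPOSED"  # content served without credentials
    if status in (401, 403) or 300 <= status < 400:
        return "protected"  # challenge, denial, or redirect to login
    if status == 404:
        return "absent"  # endpoint disabled or not exposed over HTTP
    return "inconclusive"


def audit(base_url, paths=ACTUATOR_PATHS):
    """Return {path: verdict} for every path probed without credentials."""
    return {path: classify(probe(base_url, path)) for path in paths}


if __name__ == "__main__":
    import sys
    results = audit(sys.argv[1])  # e.g. http://localhost:1157
    for path, verdict in results.items():
        print(f"{verdict:12} {path}")
    sys.exit(1 if "EXPOSED" in results.values() else 0)
```

The non-zero exit status on any EXPOSED verdict lets the script fail a CI or deployment step if the endpoints become reachable without authentication again.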