HTTP: Mango Automation Debug Log View
This signature detects attempts to exploit a known vulnerability against Mango Automation. A successful attack can lead to sensitive information disclosure.
Extended Description
Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote attackers to obtain sensitive debugging information by entering a crafted URL to trigger an exception, and then visiting a certain status page.
Affected Products
Infinite_automation_systems mango_automation
References
BugTraq: 77331
CVE: CVE-2015-7900
URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5260.php
Short Name
HTTP:INFO:MANGO-DEBUG-ID
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Automation CVE-2015-7900 Debug Log Mango View bid:77331
Release Date
05/21/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Infinite_automation_systems
CVSS Score
4.3