This security bulletin contains one low risk vulnerability.
CWE-200 - Information Exposure
Exploit availability: NoDescription
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists in the REST interface due to debug parameter removal bypass. A remote attacker can gain access to potentially sensitive information.Mitigation
Install update from vendor's website.Vulnerable software versions
Red Hat Enterprise Linux for x86_64: 6
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?