Internal IP Disclosure

Description

Cytrix has detected an internal IPv4 address in your system.
Internal IP Disclosure means that the product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

These IPv4 addresses could expose information about the IP addressing scheme being used in your internal network.

That could be very dangerous to your business if SSRF(Server-side request forgery), RFI (Remote file inclusion) or LFI (Local file inclusion) are possible.
If possible, more information about the internal network can be obtained by the attacker, making his attacks more dangerous.

Recommendation

To prevent any Internal IP Disclosure, make sure that these IP Addresses are not being displayed to any, unauthorized actors.

References

https://cwe.mitre.org/data/definitions/200.html

< Return to all Vulnerabilities

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Read More »