CVE-2015-10011

MEDIUM

OpenDNS OpenResolve - Info Disclosure

Title source: llm

Description

A vulnerability classified as problematic has been found in OpenDNS OpenResolve. This affects an unknown part of the file resolverapi/endpoints.py. The manipulation leads to improper output neutralization for logs. The identifier of the patch is 9eba6ba5abd89d0e36a008921eb307fcef8c5311. It is recommended to apply a patch to fix this issue. The identifier VDB-217197 was assigned to this vulnerability.

References (3)

[Permissions Required, Third Party Advisory] https://vuldb.com/?id.217197

[Permissions Required, Third Party Advisory] https://vuldb.com/?ctiid.217197

[Patch, Third Party Advisory] https://github.com/opendns/OpenResolve/commit/9eba6ba5abd89d0e36a008921eb307fcef8c5311

Scores

CVSS v3 4.6

EPSS 0.0026

EPSS Percentile 49.2%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-116 CWE-117

Status published

Products (1)

cisco/openresolve < 2015-08-03

Published Jan 02, 2023

Tracked Since Feb 18, 2026