Primary

Context

ATISoluciones CIGES Application Sensitive Information Disclosure Vulnerability

Vulnerability

A vulnerability allowing sensitive information disclosure exists in the error handling component of ATISoluciones CIGES Application versions through 2.15.6. The issue arises when certain unexpected conditions lead to unhandled exceptions, causing the application to return detailed error messages and stack traces to the client. This behavior may expose internal filesystem paths, SQL queries, database connection details, or environment configuration data to remote unauthenticated attackers. While this vulnerability facilitates information gathering and reconnaissance, it does not allow for direct system compromise.

Impact

Exploitation of this vulnerability could lead to unauthorized disclosure of sensitive information, including internal filesystem paths, SQL queries, database connection details, and environment configuration data.

Remediation

Users can upgrade to ATISoluciones CIGES Application version 2.15.7 to address this vulnerability.

Added: Nov 24, 2025, 8:17 AM

Updated: Nov 24, 2025, 8:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

1.1

threat

0.0

urgency

0.0

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

1.1

threat

0.0

urgency

0.0

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ATISoluciones CIGES Application Sensitive Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating