- Description
- Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not enforce access restrictions on direct API endpoints, allowing authenticated users to discover and access unlisted questions, their answers, comments, and revision history. Users are recommended to upgrade to version 2.0.1, which fixes the issue.
- Source
- security@apache.org
- NVD status
- Analyzed
- Products
- answer
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- security@apache.org
- CWE-200
- Hype score
- Not currently trending
🚨*CVE* CVE-2026-34905 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question fe… https://t.co/jRrIKeUVFX ----- Traducción: CVE-2026-34905 Exp… https://t.co/utmtNg
@infoflowcloud
9 Jun 2026
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2026-34905 CVE-2026-34905 https://t.co/1dIMueFMea
@VulmonFeeds
9 Jun 2026
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:answer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9547BB-CB67-4B4D-B33D-4BF889D6E311",
"versionEndExcluding": "2.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]