A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web application (due to th…
A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web application (due to the “debug” configuration parameter set to “True”) allows a remote unauthenticated attacker to access critical information and have other unspecified impacts to the confidentiality, integrity, and availability of the application. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
The product released to market is released in pre-production or manufacturing configuration.
https://cwe.mitre.org/data/definitions/1269.html →Open in CWE collection →An attacker undermines the integrity of a product, software, or technology at some stage of the distribution channel. The core threat of modification or manipulation during distribution arise from the many stages of distribution, as a product may traverse multiple suppliers and integrators as the final asset is delivered. Components and services provided from a manufacturer to a supplier may be tampered with during integration or packaging.
https://capec.mitre.org/data/definitions/439.html →Open in CAPEC collection →