CVE-2025-15141
Information Disclosure via Configuration Handler in Halo /actuator (High Complexity)

Publication date: 2025-12-28

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was determined in Halo up to 2.21.10. This issue affects some unknown processing of the file /actuator of the component Configuration Handler. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Published: 2025-12-28
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2025-12-28
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor: halo
Product: halo
Version / Range: up to 2.21.10 (inclusive)
CWE
CWE-284: The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-200: The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability leads to unauthorized exposure of sensitive internal information through improperly configured actuator endpoints. Such information disclosure can potentially violate data protection requirements under standards like GDPR and HIPAA, which mandate the protection of sensitive and personal data. Failure to secure these endpoints and prevent information leakage may result in non-compliance with these regulations. Mitigation involves restricting access to these endpoints and disabling unnecessary ones to protect confidentiality. [1, 2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for unauthorized access or exposure of sensitive Spring Boot Actuator endpoints such as /actuator/env, /actuator/heapdump, and /actuator/logfile on the Halo application. You can use network scanning or HTTP request commands to probe these endpoints remotely. For example, using curl commands:

curl -i http://<target-host>/actuator/env
curl -i http://<target-host>/actuator/heapdump
curl -i http://<target-host>/actuator/logfile

If these endpoints return sensitive information without proper authentication or restrictions, the system is vulnerable. [1, 3]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting access to the /actuator endpoints by implementing firewall rules to limit remote access only to trusted IPs or internal networks. Additionally, disable or close all unnecessary sensitive Actuator endpoints in the Halo application configuration. Adjust the Spring Boot Actuator configuration to explicitly enable only the minimal set of endpoints required for business functionality, thereby preventing unintended information disclosure. [2, 3]
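An added illustration of the configuration step above, not taken from the Halo project or from this record: the Spring Boot Actuator exposure settings, with the permissive value shown as a comment beside the restricted one. The property names are standard Spring Boot management properties; the file name application.yaml, the chosen allow-list and the separate management port are assumptions.

```yaml
# application.yaml (added example, not Halo's own configuration)
management:
  endpoints:
    web:
      exposure:
        # Permissive setting to avoid: exposing everything over HTTP,
        # which includes env, heapdump and logfile:
        #   include: "*"
        # Restricted setting: only what monitoring actually needs
        # (assumed minimal allow-list for this deployment).
        include: "health,info"
        # exclude wins over include, so these stay off the HTTP interface
        # even if the allow-list is later widened.
        exclude: "env,heapdump,logfile,configprops"
  endpoint:
    env:
      # Never return property values even if /actuator/env is re-enabled
      # (Spring Boot 3.x property).
      show-values: never
    health:
      # Liveness/readiness only; no component details to anonymous callers.
      show-details: never
  server:
    # Assumed: serve the management interface on its own port so it can be
    # restricted to trusted networks by firewall rules, as described above.
    port: 8081
```

Which endpoints remain exposed can be confirmed after a restart by requesting /actuator on the management port, which lists only the included endpoints.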


Can you explain this vulnerability to me?

This vulnerability exists in Halo up to version 2.21.10, specifically in the Configuration Handler component when processing the /actuator file. An attacker can manipulate this processing remotely, which may lead to information disclosure. The attack is complex and difficult to exploit, but the exploit has been publicly disclosed.


How can this vulnerability impact me?

The vulnerability can lead to unauthorized information disclosure if exploited. Although the attack is complex and difficult to perform, a remote attacker could potentially gain access to sensitive information through the Configuration Handler's processing of the /actuator file.

