CVE-2000-0497

Опубликовано: 08 июн. 2000

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.

Ссылки

http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0263.html
Broken Link
Patch
Vendor Advisory
http://www-4.ibm.com/software/webservers/appserv/efix.html
Product
http://www.securityfocus.com/bid/1328
Broken Link
Third Party Advisory
VDB Entry
http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0263.html
Broken Link
Patch
Vendor Advisory
http://www-4.ibm.com/software/webservers/appserv/efix.html
Product
http://www.securityfocus.com/bid/1328
Broken Link
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:websphere_application_server:3.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00729

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-178

Связанные уязвимости

GHSA-9fxf-pgc8-6fjq