CVE-2000-0652

Опубликовано: 24 июл. 2000

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2000-07/0342.html
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/1500
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5012
http://archives.neohapsis.com/archives/bugtraq/2000-07/0342.html
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/1500
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5012

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:websphere_application_server:2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.0.21:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04191

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-78c2-6wr9-gc88

github

почти 4 года назад