CVE-2002-1546

Опубликовано: 31 мар. 2003

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.

Ссылки

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0043.html
http://www.iss.net/security_center/static/10467.php
Vendor Advisory
http://www.securityfocus.com/bid/6041
Vendor Advisory
http://www.securityoffice.net/articles/webweaver/
Exploit
Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0043.html
http://www.iss.net/security_center/static/10467.php
Vendor Advisory
http://www.securityfocus.com/bid/6041
Vendor Advisory
http://www.securityoffice.net/articles/webweaver/
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:brs:webweaver:1.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00428

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-489v-qc6r-c8fp

github

почти 4 года назад