Описание
Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
Ссылки
- Not Applicable
- Patch
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Not Applicable
- Patch
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:orionserver:orion_application_server:1.5.3:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00347
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
EPSS
Процентиль: 57%
0.00347
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other