Описание
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:novell:netware:6.5:*:*:*:*:*:*:*
cpe:2.3:o:novell:netware:6.5:sp1:*:*:*:*:*:*
cpe:2.3:o:novell:netware:6.5:sp1.1a:*:*:*:*:*:*
cpe:2.3:o:novell:netware:6.5:sp1.1b:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01561
Низкий
10 Critical
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
почти 4 года назад
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
EPSS
Процентиль: 81%
0.01561
Низкий
10 Critical
CVSS2
Дефекты
CWE-287