Описание
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:viewvc:viewvc:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:viewvc:viewvc:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:viewvc:viewvc:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:viewvc:viewvc:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:viewvc:viewvc:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:viewvc:viewvc:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:viewvc:viewvc:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:viewvc:viewvc:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:viewvc:viewvc:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:viewvc:viewvc:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:viewvc:viewvc:1.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.0082
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
ubuntu
почти 16 лет назад
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
debian
почти 16 лет назад
ViewVC before 1.1.3 composes the root listing view without using the a ...
github
больше 3 лет назад
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
EPSS
Процентиль: 74%
0.0082
Низкий
5 Medium
CVSS2
Дефекты
CWE-200