Описание
IBM WebSphere Portal 6.1, 7.0, and 8.0 allows remote attackers to access the user directory via a crafted request for a servlet, related to the serveServletsByClassnameEnabled setting.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.0:cf001:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf01:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf02:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf03:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf04:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf05:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00207
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
IBM WebSphere Portal 6.1, 7.0, and 8.0 allows remote attackers to access the user directory via a crafted request for a servlet, related to the serveServletsByClassnameEnabled setting.
EPSS
Процентиль: 43%
0.00207
Низкий
5 Medium
CVSS2
Дефекты
CWE-264