exploitDog

CVE-2014-0871

Опубликовано: 07 июл. 2014

Источник: nvd

CVSS2: 4.3

EPSS Средний

Описание

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:algo_credit_limits:4.5.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:algo_credit_limits:4.7.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:algorithmics:-:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.14308

Средний

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-ggwj-625q-9wgf

github

больше 3 лет назад

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character.

EPSS

Процентиль: 94%

0.14308

Средний

4.3 Medium

CVSS2

Дефекты

CWE-200