CVE-2016-6345

Опубликовано: 07 сент. 2016

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs.

Ссылки

http://www.securityfocus.com/bid/92746
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1372117
Issue Tracking
http://www.securityfocus.com/bid/92746
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1372117
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:resteasy:-:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00084

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2016-6345

CVSS3: 6.5

ubuntu

больше 9 лет назад

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs.

CVE-2016-6345

CVSS3: 3.5

redhat

больше 9 лет назад

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs.

CVE-2016-6345

CVSS3: 6.5

debian

больше 9 лет назад

RESTEasy allows remote authenticated users to obtain sensitive informa ...

GHSA-vxhj-3x7p-jxp5

CVSS3: 6.5

github

больше 3 лет назад

Exposure of Sensitive Information to an Unauthorized Actor in RESTEasy

EPSS

Процентиль: 25%

0.00084

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200