Описание
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
Ссылки
- Press/Media Coverage
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:smarsh:telemessage:-:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04423
Низкий
4 Medium
CVSS3
Дефекты
CWE-528
CWE-552
Связанные уязвимости
CVSS3: 4
github
8 месяцев назад
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
CVSS3: 4
fstec
8 месяцев назад
Уязвимость компонента JSP Application корпоративного защищённого решения для обмена сообщениями TeleMessage TM SGNL, позволяющая нарушителю оказать воздействие на конфиденциальность защищаемой информации
EPSS
Процентиль: 89%
0.04423
Низкий
4 Medium
CVSS3
Дефекты
CWE-528
CWE-552