exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2017-12196

почти 8 лет назад

undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attacker to cause a MITM attack and access the desired content on the server.

CVSS3: 4.8

EPSS: Низкий

CVE-2017-12196

почти 8 лет назад

undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attacker to cause a MITM attack and access the desired content on the server.

CVSS3: 4.8

EPSS: Низкий

CVE-2017-12196

почти 8 лет назад

undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attacker to cause a MITM attack and access the desired content on the server.

CVSS3: 4.8

EPSS: Низкий

CVE-2017-12196

почти 8 лет назад

undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was fou ...

CVSS3: 4.8

EPSS: Низкий

GHSA-cp7v-vmv7-6x2q

больше 3 лет назад

Incorrect Authorization in Undertow

CVSS3: 5.9

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-12196 undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attacker to cause a MITM attack and access the desired content on the server.	CVSS3: 4.8	0% Низкий	почти 8 лет назад
CVE-2017-12196 undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attacker to cause a MITM attack and access the desired content on the server.	CVSS3: 4.8	0% Низкий	почти 8 лет назад
CVE-2017-12196 undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attacker to cause a MITM attack and access the desired content on the server.	CVSS3: 4.8	0% Низкий	почти 8 лет назад
CVE-2017-12196 undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was fou ...	CVSS3: 4.8	0% Низкий	почти 8 лет назад
GHSA-cp7v-vmv7-6x2q Incorrect Authorization in Undertow	CVSS3: 5.9	0% Низкий	больше 3 лет назад

Уязвимостей на страницу