exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2018-12538

больше 7 лет назад

In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-12538

больше 7 лет назад

In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.

CVSS3: 5.6

EPSS: Низкий

CVE-2018-12538

больше 7 лет назад

In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-12538

больше 7 лет назад

In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional ...

CVSS3: 8.8

EPSS: Низкий

GHSA-mwcx-532g-8pq3

больше 7 лет назад

Access and integrity issue within Eclipse Jetty

CVSS3: 8.8

EPSS: Низкий

BDU:2019-04280

больше 7 лет назад

Уязвимость реализации класса FileSessionDataStore HTTP-сервера Jetty, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

CVSS3: 8.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2018-12538 In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.	CVSS3: 8.8	1% Низкий	больше 7 лет назад
CVE-2018-12538 In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.	CVSS3: 5.6	1% Низкий	больше 7 лет назад
CVE-2018-12538 In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.	CVSS3: 8.8	1% Низкий	больше 7 лет назад
CVE-2018-12538 In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional ...	CVSS3: 8.8	1% Низкий	больше 7 лет назад
GHSA-mwcx-532g-8pq3 Access and integrity issue within Eclipse Jetty	CVSS3: 8.8	1% Низкий	больше 7 лет назад
BDU:2019-04280 Уязвимость реализации класса FileSessionDataStore HTTP-сервера Jetty, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации	CVSS3: 8.8	1% Низкий	больше 7 лет назад

Уязвимостей на страницу