Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2019-0225 - CERT CVE
CVE-2019-0225
ID
CVE-2019-0225
Sažetak
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an attacker to obtain registered users' details.
Reference
https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-0225
http://www.openwall.com/lists/oss-security/2019/03/26/2
http://www.securityfocus.com/bid/107627
https://lists.apache.org/thread.html/4f19fdbd8b9c4caf6137a459d723f4ec60379b033ed69277eb4e0af9%40%3Cuser.jspwiki.apache.org%3E
https://lists.apache.org/thread.html/6251c06cb11e0b495066be73856592dbd7ed712487ef283d10972831%40%3Cdev.jspwiki.apache.org%3E
https://lists.apache.org/thread.html/03ddbcb1d6322e04734e65805a147a32bcfdb71b8fc5821fb046ba8d%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/e42d6e93384d4a33e939989cd00ea2a06ccf1e7bb1e6bdd3bf5187c1%40%3Ccommits.jspwiki.apache.org%3E
https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16%40%3Ccommits.jspwiki.apache.org%3E
CVSS
Base:
7.8
Impact:
6.9
Exploitability:
10.0
Pristup
Vektor
Složenost
Autentikacija
NETWORK
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
COMPLETE
NONE
NONE
CVSS vektor
AV:N/AC:L/Au:N/C:C/I:N/A:N
Zadnje važnije ažuriranje
07-11-2023 - 03:01
Objavljeno
28-03-2019 - 22:29
