Lucene search

[email protected]CVE-2003-0628

HistoryDec 15, 2003 - 5:00 a.m.

CVE-2003-0628

2003-12-1505:00:00

[email protected]

web.nvd.nist.gov

cve

peoplesoft

gateway administration

servlet

peopletools 8.43

security vulnerability

nvd

ssi files

remote attackers

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.2%

JSON

PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value.

Affected configurations

NVD

Node

peoplesoftpeopletoolsMatch8.4

peoplesoftpeopletoolsMatch8.10

peoplesoftpeopletoolsMatch8.11

peoplesoftpeopletoolsMatch8.12

peoplesoftpeopletoolsMatch8.13

peoplesoftpeopletoolsMatch8.14

peoplesoftpeopletoolsMatch8.15

peoplesoftpeopletoolsMatch8.16

peoplesoftpeopletoolsMatch8.17

peoplesoftpeopletoolsMatch8.18

peoplesoftpeopletoolsMatch8.19

peoplesoftpeopletoolsMatch8.20

peoplesoftpeopletoolsMatch8.40

peoplesoftpeopletoolsMatch8.41

peoplesoftpeopletoolsMatch8.42

peoplesoftpeopletoolsMatch8.43

CPENameOperatorVersion
peoplesoft:peopletoolspeoplesoft peopletoolseq8.4
peoplesoft:peopletoolspeoplesoft peopletoolseq8.10
peoplesoft:peopletoolspeoplesoft peopletoolseq8.11
peoplesoft:peopletoolspeoplesoft peopletoolseq8.12
peoplesoft:peopletoolspeoplesoft peopletoolseq8.13
peoplesoft:peopletoolspeoplesoft peopletoolseq8.14
peoplesoft:peopletoolspeoplesoft peopletoolseq8.15
peoplesoft:peopletoolspeoplesoft peopletoolseq8.16
peoplesoft:peopletoolspeoplesoft peopletoolseq8.17
peoplesoft:peopletoolspeoplesoft peopletoolseq8.18

CPE	Name	Operator	Version
peoplesoft:peopletools	peoplesoft peopletools	eq	8.4
peoplesoft:peopletools	peoplesoft peopletools	eq	8.10
peoplesoft:peopletools	peoplesoft peopletools	eq	8.11
peoplesoft:peopletools	peoplesoft peopletools	eq	8.12
peoplesoft:peopletools	peoplesoft peopletools	eq	8.13
peoplesoft:peopletools	peoplesoft peopletools	eq	8.14
peoplesoft:peopletools	peoplesoft peopletools	eq	8.15
peoplesoft:peopletools	peoplesoft peopletools	eq	8.16
peoplesoft:peopletools	peoplesoft peopletools	eq	8.17
peoplesoft:peopletools	peoplesoft peopletools	eq	8.18

Rows per page:

1-10 of 161

References

marc.info/?l=bugtraq&m=106874146204158&w=2

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.2%

JSON

Related for CVE-2003-0628

cvelist1 securityvulns1 nvd1