6.4 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.015 Low
EPSS
Percentile
86.9%
NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the “about” information page. NOTE: the vendor has disputed this issue
marc.info/?l=bugtraq&m=110608203729814&w=2
support.novell.com/servlet/tidfinder/10096251
www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-01/0771.html
www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-01/0341.html
www.osvdb.org/13135
www.securityfocus.com/bid/12285
exchange.xforce.ibmcloud.com/vulnerabilities/18954