Lucene search

[email protected]CVE-2008-6521

HistoryMar 25, 2009 - 6:30 p.m.

CVE-2008-6521

2009-03-2518:30:00

CWE-200

[email protected]

web.nvd.nist.gov

terracotta

openterracotta

cve-2008-6521

information disclosure

security vulnerability

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.7%

JSON

index.php in Terracotta (aka OpenTerracotta) 0.6.1 allows remote attackers to obtain sensitive information via an invalid File parameter, which reveals the installation path in an error message.

Affected configurations

NVD

Node

devraj_mukherjeeopenterracottaMatch0.6.1

CPENameOperatorVersion
devraj_mukherjee:openterracottadevraj mukherjee openterracottaeq0.6.1

CPE	Name	Operator	Version
devraj_mukherjee:openterracotta	devraj mukherjee openterracotta	eq	0.6.1

References

www.securityfocus.com/archive/1/490341/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/41571

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.7%

JSON

Related for CVE-2008-6521

prion1 cvelist1 nvd1