Lucene search
HistoryJan 13, 2010 - 8:30 p.m.
CVE-2009-4609
cve-2009-4609
mort bay jetty
information disclosure
remote attack
security vulnerability
5.9 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.8%
The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote attackers to obtain sensitive information about internal variables and other data via a request to a URI ending in /dump/, as demonstrated by discovering the value of the getPathTranslated variable.
Related
cvelist
cvelist
CVE-2009-4609
2022-10-03 16:24:03
ubuntucve
ubuntucve
CVE-2009-4609
2010-01-13 00:00:00
veracode
veracode
Information Disclosure
2019-03-25 08:40:43
prion
prion
Design/Logic Flaw
2010-01-13 20:30:00
openvas
openvas
Mort Bay Jetty Multiple Vulnerabilities
2010-02-02 00:00:00
5.9 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.8%
Related for CVE-2009-4609