Lucene search
HistoryApr 28, 2010 - 10:30 p.m.
CVE-2010-1587
cve-2010-1587
jetty resourcehandler
apache activemq
remote attack
jsp
nvd
6.9 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.591 Medium
EPSS
Percentile
97.7%
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
Related
dsquare
dsquare
Apache ActiveMQ Source Code Disclosure
2012-03-18 00:00:00
osv
osv
prion
prion
Design/Logic Flaw
2010-04-28 22:30:00
nessus
nessus
Apache ActiveMQ Double Slash Request Source Code Disclosure
2010-04-24 00:00:00
cvelist
cvelist
CVE-2010-1587
2010-04-28 22:00:00
openvas
openvas
Apache ActiveMQ Source Code Information Disclosure Vulnerability
2010-04-23 00:00:00
github
github
6.9 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.591 Medium
EPSS
Percentile
97.7%
Related for CVE-2010-1587