Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-4404
HistoryNov 19, 2011 - 3:58 a.m.

CVE-2011-4404

2011-11-1903:58:00
CWE-16
[email protected]
web.nvd.nist.gov
114
cve-2011-4404
information security
vulnerability
jetty
vmware
vcenter update manager
directory traversal
remote attack

6.1 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.966 High

EPSS

Percentile

99.6%

JSON

The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523.

Related

prion 2
ubuntucve 2
securityvulns 5
packetstorm 1
nessus 7
seebug 1
vmware 3
exploitpack 1
checkpoint_advisories 1
exploitdb 1
veracode 1
github 1
openvas 9
osv 1
cve 1
fedora 3
ibm 2
oracle 1
prion
prion
Directory traversal
2011-11-19 03:58:00
Directory traversal
2009-05-05 17:30:00
ubuntucve
ubuntucve
CVE-2011-4404
2011-11-19 00:00:00
CVE-2009-1523
2009-05-05 00:00:00
securityvulns
securityvulns
VMSA-2011-0014 VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability
2011-11-20 00:00:00
Jetty Web server / VMware vCenter directory traversal
2011-11-20 00:00:00
[security bulletin] HPSBMA02553 SSRT100184 rev.1 - HP Insight Control Server Migration for Windows, Local and Remote Unauthorized Access to Data, Remote Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS)
2010-07-18 00:00:00
packetstorm
packetstorm
VMware Update Manager Directory Traversal
2011-11-21 00:00:00
nessus
nessus
VMware vCenter Update Manager Directory Traversal (VMSA-2011-0014)
2011-11-28 00:00:00
openSUSE Security Update : jetty5 (jetty5-1531)
2009-11-11 00:00:00
Mandriva Linux Security Advisory : jetty5 (MDVSA-2009:291)
2009-10-30 00:00:00
seebug
seebug
Jetty Web Serverไธๆ˜Ž็ป†่Š‚็›ฎๅฝ•้ๅŽ†ๆผๆดž
2011-11-21 00:00:00
vmware
vmware
VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability
2011-11-17 00:00:00
VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities
2010-07-19 00:00:00
VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities
2010-07-19 00:00:00
exploitpack
exploitpack
VMware - Update Manager Directory Traversal
2011-11-21 00:00:00
checkpoint_advisories
checkpoint_advisories
VMware Update Manager Directory Traversal (CVE-2011-4404)
2012-09-04 00:00:00
exploitdb
exploitdb
VMware - Update Manager Directory Traversal
2011-11-21 00:00:00
veracode
veracode
Directory Traversal
2018-11-08 06:30:45
github
github
Directory traversal in Mort Bay Jetty
2022-05-02 03:26:04
openvas
openvas
Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
2009-05-04 00:00:00
Mandriva Security Advisory MDVSA-2009:291 (jetty5)
2009-11-11 00:00:00
Mandriva Security Advisory MDVSA-2009:291 (jetty5)
2009-11-11 00:00:00
osv
osv
Directory traversal in Mort Bay Jetty
2022-05-02 03:26:04
cve
cve
CVE-2009-1523
2009-05-05 17:30:00
fedora
fedora
[SECURITY] Fedora 9 Update: jetty-5.1.15-3.fc9
2009-05-26 07:55:49
[SECURITY] Fedora 10 Update: jetty-5.1.15-3.fc10
2009-05-26 07:57:22
[SECURITY] Fedora 11 Update: jetty-5.1.15-4.fc11
2009-05-26 07:56:18
ibm
ibm
Security Bulletin: Jetty vulnerabilities found in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2011-4461, CVS-2009-4612, CVE-2009-4611, CVE-2009-4610, CVS-2009-4609, CVE-2009-1524, CVE-2009-1523)
2020-02-11 18:29:33
Security Bulletin: Provision to add https and Secure Flag to bayeux_browser cookie for IBM Control Desk.
2022-09-19 20:54:31
oracle
oracle
09-07 CPU Advisory
2009-07-14 00:00:00

6.1 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.966 High

EPSS

Percentile

99.6%

JSON
Related for CVE-2011-4404
prion2ubuntucve2securityvulns5packetstorm1nessus7seebug1vmware3exploitpack1checkpoint_advisories1exploitdb1veracode1github1openvas9osv1cve1fedora3ibm2oracle1