CVE-2018-12536

🗓️ 27 Jun 2018 17:00:29Reported by eclipseType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 129 Views

CVE-2018-12536: Eclipse Jetty Server exposes server path informatio

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 48
NVD	CVE-2018-12536	27 Jun 201817:29	–	nvd
RedhatCVE	CVE-2018-12536	2 Jul 201822:33	–	redhatcve
Tenable Nessus	F5 Networks BIG-IP : Eclipse Jetty vulnerability (K33548065)	29 Mar 202200:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2018-12536	4 Mar 202500:00	–	nessus
Tenable Nessus	RHEL 7 : jetty (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus
Tenable Nessus	Fedora 28 : jetty (2018-48b73ed393)	3 Jan 201900:00	–	nessus
Tenable Nessus	Debian DLA-2661-1 : jetty9 security update	17 May 202100:00	–	nessus
Tenable Nessus	Fedora 27 : jetty (2018-93a507fd0f)	13 Jul 201800:00	–	nessus
Tenable Nessus	RHEL 7 : jetty (Unpatched Vulnerability)	11 May 202400:00	–	nessus
F5 Networks	K33548065: Eclipse Jetty vulnerability CVE-2018-12536	28 Mar 202200:00	–	f5

Nvd

Node

eclipse jettyRange9.0.0–9.2.26

eclipse jettyRange9.3.0–9.3.24

eclipse jettyRange9.4.0–9.4.11

Node

oracle retail_xstore_point_of_serviceMatch7.1

oracle retail_xstore_point_of_serviceMatch15.0

oracle retail_xstore_point_of_serviceMatch16.0.0

oracle retail_xstore_point_of_serviceMatch17.0

[
  {
    "product": "Eclipse Jetty",
    "vendor": "The Eclipse Foundation",
    "versions": [
      {
        "lessThanOrEqual": "9.2.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "9.3.0",
        "versionType": "custom"
      },
      {
        "lessThan": "9.3.24",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "9.4.0",
        "versionType": "custom"
      },
      {
        "lessThan": "9.4.11",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
bugs	www.bugs.eclipse.org/bugs/show_bug.cgi
oracle	www.oracle.com/security-alerts/cpuoct2020.html
lists	www.lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
security	www.security.netapp.com/advisory/ntap-20181014-0001/
securitytracker	www.securitytracker.com/id/1041194
oracle	www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
support	www.support.hpe.com/hpsc/doc/public/display
lists	www.lists.debian.org/debian-lts-announce/2021/05/msg00016.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Jun 2018 17:29Current

6.9Medium risk

Vulners AI Score6.9

CVSS25

CVSS35.3

EPSS0.02346

CWE-209