DATABASE RESOURCES PRICING ABOUT US

{"id": "DEBIAN:DLA-2661-1:5DE5A", "vendorId": null, "type": "debian", "bulletinFamily": "unix", "title": "[SECURITY] [DLA 2661-1] jetty9 security update", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2661-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Sylvain Beucler\nMay 14, 2021 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : jetty9\nVersion : 9.2.30-0+deb9u1\nCVE ID : CVE-2017-9735 CVE-2018-12536 CVE-2019-10241 CVE-2019-10247 \n CVE-2020-27216\nDebian Bug : 864898 902774 928444\n\nSeveral vulnerabilities were discovered in jetty, a Java servlet\nengine and webserver. An attacker may reveal cryptographic credentials\nsuch as passwords to a local user, disclose installation paths, hijack\nuser sessions or tamper with collocated webapps.\n\nCVE-2017-9735\n\n Jetty is prone to a timing channel in util/security/Password.java,\n which makes it easier for remote attackers to obtain access by\n observing elapsed times before rejection of incorrect passwords.\n\nCVE-2018-12536\n\n On webapps deployed using default Error Handling, when an\n intentionally bad query arrives that doesn't match a dynamic\n url-pattern, and is eventually handled by the DefaultServlet's\n static file serving, the bad characters can trigger a\n java.nio.file.InvalidPathException which includes the full path to\n the base resource directory that the DefaultServlet and/or webapp\n is using. If this InvalidPathException is then handled by the\n default Error Handler, the InvalidPathException message is\n included in the error response, revealing the full server path to\n the requesting system.\n\nCVE-2019-10241\n\n The server is vulnerable to XSS conditions if a remote client USES\n a specially formatted URL against the DefaultServlet or\n ResourceHandler that is configured for showing a Listing of\n directory contents.\n\nCVE-2019-10247\n\n The server running on any OS and Jetty version combination will\n reveal the configured fully qualified directory base resource\n location on the output of the 404 error for not finding a Context\n that matches the requested path. The default server behavior on\n jetty-distribution and jetty-home will include at the end of the\n Handler tree a DefaultHandler, which is responsible for reporting\n this 404 error, it presents the various configured contexts as\n HTML for users to click through to. This produced HTML includes\n output that contains the configured fully qualified directory base\n resource location for each context.\n\nCVE-2020-27216\n\n On Unix like systems, the system's temporary directory is shared\n between all users on that system. A collocated user can observe\n the process of creating a temporary sub directory in the shared\n temporary directory and race to complete the creation of the\n temporary subdirectory. If the attacker wins the race then they\n will have read and write permission to the subdirectory used to\n unpack web applications, including their WEB-INF/lib jar files and\n JSP files. If any code is ever executed out of this temporary\n directory, this can lead to a local privilege escalation\n vulnerability.\n\nThis update also includes several other bug fixes and\nimprovements. For more information please refer to the upstream\nchangelog file.\n\nFor Debian 9 stretch, these problems have been fixed in version\n9.2.30-0+deb9u1.\n\nWe recommend that you upgrade your jetty9 packages.\n\nFor the detailed security status of jetty9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/jetty9\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "published": "2021-05-14T13:28:53", "modified": "2021-05-14T13:28:53", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html", "reporter": "Debian", "references": [], "cvelist": ["CVE-2017-9735", "CVE-2018-12536", "CVE-2019-10241", "CVE-2019-10247", "CVE-2020-27216"], "immutableFields": [], "lastseen": "2022-03-26T18:51:45", "viewCount": 59, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-9735", "CVE-2018-12536", "CVE-2019-10241", "CVE-2019-10247", "CVE-2020-27216"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1020-1:153AB", "DEBIAN:DLA-1020-1:D77C3", "DEBIAN:DLA-1021-1:3F138", "DEBIAN:DLA-1021-1:8BAEA", "DEBIAN:DSA-4949-1:1212B"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-9735", "DEBIANCVE:CVE-2018-12536", "DEBIANCVE:CVE-2019-10241", "DEBIANCVE:CVE-2019-10247", "DEBIANCVE:CVE-2020-27216"]}, {"type": "f5", "idList": ["F5:K01869532", "F5:K18484125", "F5:K33548065", "F5:K41412302"]}, {"type": "fedora", "idList": ["FEDORA:2703C614C115", "FEDORA:54C15615CE59", "FEDORA:7EA4A615D50A", "FEDORA:A0E7D606D492", "FEDORA:CB91560BFDF4", "FEDORA:D529B625B834", "FEDORA:E1DB3601E80E"]}, {"type": "github", "idList": ["GHSA-7VX9-XJHR-RW6H", "GHSA-9RGV-H7X4-QW8G", "GHSA-G3WG-6MCF-8JJ6", "GHSA-WFCC-PFF6-RGC5", "GHSA-XC67-HJX6-CGG6"]}, {"type": "ibm", "idList": ["026861C8F37CB442AEB06F08CB67784AB6226E1C2C5830E2D4227D71E9453C5B", "0CDA7C10442B705C677D939E4525A0FD2BF6C2E3CCD7C1AC57DA125C095DD3F3", "101D9839DC4D3A67F5CA5070D8255AEF01378A1F2F94126A2F00868A71C2B71A", "12F717244FEBE2E574C4797C485B84D93877100AB65740AE0F0E7EE891C8C624", "1684DEC3DF3BB9E78C84E76D9D7057965A40ADC07F69C113F4E928D34BF0D671", "1816205804EFBBBBB94018144A008A33799E226A9B559AA545872E5FBE25A885", "1A030187296C45282C7919058ADD8AA1992811C3B3D7481CF22AA0E13A7F5096", "1DC9078E2D1CA7D5784B1FC9BDA067B8531DD5665DE952284FBF28A882CBE820", "298BF6456F25FB0FA4ABCC44697A8A09539C09F07FD2D12D662783F870D20656", "2C070ACA838DF756EF2C6663B3A4CC8D6546936B4E9067A8CC8F4E89004415FB", "2DD33EDACA0BB82F4B5458A08C6886655FE63C68C3DB81837B804B712F21638E", "3E7141042BE5B9E1A55ADA05F6035C03E394EF7DC2BDEDF57AEB4C33DF04D003", "3F1E93CED935A8B73DF4F559D8444A47F42A24D3C4458A3E6BDE3B7C2F9CF9D0", "43BBB2862D7B1199D4C2C8A86EDAC6F339ED22482E792A5F1460A630A77A12E4", "570AF6CDC4F7E864E6852EBD03923041C13A884B424AC254820AD0EEB73694DF", "573F294E16A1C9B7682B48604209232E9D20CDAD4F9D09F633AA855F804E24CD", "5EECFC5C8DC24CAFE9B7AB5FC12D78B14281213BEAB82B828C710EEE945957CC", "654EC4741C192A4D4B8ACB967C8C2D31BEFC1442C9B7DCC262604FE1AE69DF3B", "75A547F3BA75C8FD5BF5185CE11155B9F37CBC820B9102C0531E0C7785BA8B78", "7AF5E457957D525BF4860A192FFBA4A63C528432C2CE1B5DDAC50B96EBBF9A8E", "8DF333F79E75C38BAF5D10978D2A5980C7BCD16722EBEF4A77847AA9601A851D", "92CB3843138A52E09E1E53A7B1F44996ABBC10BE478421F26B6289555D2F2CAE", "96B34DECBD5111CA099BBF02896DC500AFE9357A8C64E783BBC560AB34F745F2", "9B7484C34C9F34F0426B6E8110F51B91DBBF139DD14849DC744E1B348D2F480F", "9D6E689B86BDBCDFA0DB5F9240222191FC4016B876A0DD8016610AFA69FAFE0C", "A104F357C85C98F8863EC17E0968EE2F520A9E4DA3A10DBF1287F2CDE17AFD04", "A286BD77B3C7FBE86C2323B3D9F433CB3B367EDDC062CD70A992ABBC521C41B7", "A2986B3F1E7D262A7D84A42B3E6305CB140E7761D5A0E56DB1A501FFE61D4E56", "AB595BAD745ACCEB2CA1F5A7FC0DC9717FFDD74D2EEC460390003F7C91DD4FFD", "B236D3400A0C6106EC62C77931DC3654EEBAB6EEA563B3344ECFF477FD634E81", "B5F498C2528C0E625760D72F802C203FB63AC6B3CBD1D27268D5F386CC4385CE", "CA7B69C6C25B5CD3E67C5E490475138F56E88AC0B9EF3B3DB16A58692CDC85F8", "CE88EF5FA52F7C45C7237870ADB3FB7CCE5436E5AE3ED58C08CAF3501C651AE8", "D4D59CFE21484F96852DB1D04961FBD5D11A6439B4EFDD7D5412D5A9FFAD9732", "E298AFAE6C10545EEFE2EDCB1E58ACEB81769C82FC173BB89206A046496B5501", "E4A28F8F68186CEA27D3FEB20460BE3334CBCA58BC4385BFB2DAC3333FEF6C4B", "E6075AA4421CDE4C93FB6FE776168FD888F3E662A7F0CD9B705035929B13694E", "EAE3626D697DD9AA184F2FB8430E9808A349261E042A2F475F1558DE0474E3B5", "EB9C97E1767E99DB5972AA6DB53446FFC1D2256CC95E283AD514F18189053A41", "F3E9AF17DCD2EBC47BC32D0E05B6ACDCBFDDAF3EB47FFAC93CFD0FEBBBC04F7E", "F9336FFC545BDCFCB6E2911A06416BD29601F97D9670FD8B6FE980BAB262EA22", "FF60AB2CCC42CBF13C1B6FA8A219EC72D17B3DCC11F28A2485862DCCD8A4C2EC"]}, {"type": "mageia", "idList": ["MGASA-2017-0277"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-1020.NASL", "DEBIAN_DLA-1021.NASL", "DEBIAN_DLA-2661.NASL", "DEBIAN_DSA-4949.NASL", "F5_BIGIP_SOL18484125.NASL", "F5_BIGIP_SOL33548065.NASL", "FEDORA_2017-03954B6DC4.NASL", "FEDORA_2017-1206F87545.NASL", "FEDORA_2017-4E2312892E.NASL", "FEDORA_2018-48B73ED393.NASL", "FEDORA_2018-93A507FD0F.NASL", "REDHAT-RHSA-2020-5168.NASL", "REDHAT-RHSA-2021-2431.NASL", "REDHAT-RHSA-2021-2499.NASL", "REDHAT-RHSA-2021-2517.NASL", "WEB_APPLICATION_SCANNING_113002"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108499", "OPENVAS:1361412562310108501", "OPENVAS:1361412562310140261", "OPENVAS:1361412562310142309", "OPENVAS:136141256231014231", "OPENVAS:1361412562310142312", "OPENVAS:1361412562310142313", "OPENVAS:1361412562310813552", "OPENVAS:1361412562310872861", "OPENVAS:1361412562310872864", "OPENVAS:1361412562310872871", "OPENVAS:1361412562310872874", "OPENVAS:1361412562310874796", "OPENVAS:1361412562310874809", "OPENVAS:1361412562310891020", "OPENVAS:1361412562310891021"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2020", "ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUJAN2020", "ORACLE:CPUJAN2021", "ORACLE:CPUJUL2020", "ORACLE:CPUJUL2021", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2019-5072832", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021"]}, {"type": "osv", "idList": ["OSV:DLA-1020-1", "OSV:DLA-1021-1", "OSV:DLA-2661-1", "OSV:DSA-4949-1", "OSV:GHSA-7VX9-XJHR-RW6H", "OSV:GHSA-9RGV-H7X4-QW8G", "OSV:GHSA-G3WG-6MCF-8JJ6", "OSV:GHSA-WFCC-PFF6-RGC5", "OSV:GHSA-XC67-HJX6-CGG6"]}, {"type": "redhat", "idList": ["RHSA-2020:0922", "RHSA-2020:0983", "RHSA-2020:1445", "RHSA-2020:5168", "RHSA-2020:5365", "RHSA-2021:0329", "RHSA-2021:2431", "RHSA-2021:2499", "RHSA-2021:2517", "RHSA-2021:3140"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-9735", "RH:CVE-2018-12536", "RH:CVE-2019-10241", "RH:CVE-2019-10247", "RH:CVE-2020-27216"]}, {"type": "symantec", "idList": ["SMNTC-110476", "SMNTC-110519"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-9735", "UB:CVE-2018-12536", "UB:CVE-2019-10241", "UB:CVE-2019-10247", "UB:CVE-2020-27216"]}, {"type": "veracode", "idList": ["VERACODE:27671"]}]}, "score": {"value": 0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2017-9735"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1020-1:D77C3", "DEBIAN:DLA-1021-1:8BAEA"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-9735", "DEBIANCVE:CVE-2018-12536", "DEBIANCVE:CVE-2019-10241", "DEBIANCVE:CVE-2019-10247", "DEBIANCVE:CVE-2020-27216"]}, {"type": "f5", "idList": ["F5:K01869532", "F5:K41412302"]}, {"type": "fedora", "idList": ["FEDORA:2703C614C115", "FEDORA:54C15615CE59", "FEDORA:7EA4A615D50A", "FEDORA:A0E7D606D492", "FEDORA:CB91560BFDF4", "FEDORA:D529B625B834", "FEDORA:E1DB3601E80E"]}, {"type": "github", "idList": ["GHSA-7VX9-XJHR-RW6H", "GHSA-9RGV-H7X4-QW8G", "GHSA-WFCC-PFF6-RGC5", "GHSA-XC67-HJX6-CGG6"]}, {"type": "ibm", "idList": ["1816205804EFBBBBB94018144A008A33799E226A9B559AA545872E5FBE25A885", "92CB3843138A52E09E1E53A7B1F44996ABBC10BE478421F26B6289555D2F2CAE"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-1020.NASL", "DEBIAN_DLA-1021.NASL", "FEDORA_2017-03954B6DC4.NASL", "FEDORA_2017-1206F87545.NASL", "FEDORA_2017-4E2312892E.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310140261", "OPENVAS:1361412562310872861", "OPENVAS:1361412562310872864", "OPENVAS:1361412562310872871", "OPENVAS:1361412562310872874"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2021"]}, {"type": "osv", "idList": ["OSV:GHSA-7VX9-XJHR-RW6H", "OSV:GHSA-G3WG-6MCF-8JJ6"]}, {"type": "redhat", "idList": ["RHSA-2021:3140"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-27216"]}, {"type": "symantec", "idList": ["SMNTC-110519"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-27216"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2017-9735", "epss": "0.003110000", "percentile": "0.653420000", "modified": "2023-03-16"}, {"cve": "CVE-2018-12536", "epss": "0.004200000", "percentile": "0.701840000", "modified": "2023-03-16"}, {"cve": "CVE-2019-10241", "epss": "0.001880000", "percentile": "0.545790000", "modified": "2023-03-17"}, {"cve": "CVE-2019-10247", "epss": "0.002490000", "percentile": "0.610350000", "modified": "2023-03-17"}, {"cve": "CVE-2020-27216", "epss": "0.000520000", "percentile": "0.183500000", "modified": "2023-03-16"}], "vulnersScore": 0.0}, "_state": {"dependencies": 1659998956, "score": 1659900266, "epss": 1679073339}, "_internal": {"score_hash": "f4103689e442bb51195f213ca104bb52"}, "affectedPackage": [{"OSVersion": "7", "OS": "Debian", "operator": "lt", "packageVersion": "8.1.3-4+deb7u1", "packageFilename": "libjetty8-java_8.1.3-4+deb7u1_all.deb", "arch": "all", "packageName": "libjetty8-java"}, {"OS": "Debian", "operator": "lt", "OSVersion": "9", "packageFilename": "libjetty9-java_9.2.30-0+deb9u1_all.deb", "packageVersion": "9.2.30-0+deb9u1", "arch": "all", "packageName": "libjetty9-java"}, {"OSVersion": "7", "OS": "Debian", "operator": "lt", "packageFilename": "libjetty-java_6.1.26-1+deb7u1_all.deb", "packageVersion": "6.1.26-1+deb7u1", "arch": "all", "packageName": "libjetty-java"}, {"OSVersion": "10", "packageVersion": "9.4.16-0+deb10u1", "packageFilename": "libjetty9-java_9.4.16-0+deb10u1_all.deb", "OS": "Debian", "operator": "lt", "arch": "all", "packageName": "libjetty9-java"}, {"OSVersion": "7", "OS": "Debian", "operator": "lt", "packageFilename": "libjetty-extra-java_6.1.26-1+deb7u1_all.deb", "packageVersion": "6.1.26-1+deb7u1", "arch": "all", "packageName": "libjetty-extra-java"}, {"OSVersion": "10", "packageVersion": "9.4.16-0+deb10u1", "OS": "Debian", "operator": "lt", "packageFilename": "jetty9_9.4.16-0+deb10u1_all.deb", "arch": "all", "packageName": "jetty9"}, {"OSVersion": "7", "OS": "Debian", "operator": "lt", "packageVersion": "6.1.26-1+deb7u1", "arch": "amd64", "packageFilename": "libjetty-extra_6.1.26-1+deb7u1_amd64.deb", "packageName": "libjetty-extra"}, {"packageFilename": "libjetty-java-doc_6.1.26-1+deb7u1_all.deb", "OSVersion": "7", "OS": "Debian", "operator": "lt", "packageVersion": "6.1.26-1+deb7u1", "arch": "all", "packageName": "libjetty-java-doc"}, {"OS": "Debian", "operator": "lt", "OSVersion": "9", "packageVersion": "9.2.30-0+deb9u1", "arch": "all", "packageFilename": "libjetty9-extra-java_9.2.30-0+deb9u1_all.deb", "packageName": "libjetty9-extra-java"}, {"OSVersion": "7", "OS": "Debian", "packageFilename": "libjetty8-extra-java_8.1.3-4+deb7u1_all.deb", "arch": "all", "packageVersion": "8.1.3-4+deb7u1", "operator": "lt", "packageName": "libjetty8-extra-java"}, {"OSVersion": "7", "OS": "Debian", "operator": "lt", "packageVersion": "8.1.3-4+deb7u1", "packageFilename": "jetty8_8.1.3-4+deb7u1_all.deb", "arch": "all", "packageName": "jetty8"}, {"OSVersion": "10", "packageVersion": "9.4.16-0+deb10u1", "OS": "Debian", "arch": "all", "operator": "lt", "packageFilename": "libjetty9-extra-java_9.4.16-0+deb10u1_all.deb", "packageName": "libjetty9-extra-java"}, {"OSVersion": "7", "OS": "Debian", "operator": "lt", "packageVersion": "6.1.26-1+deb7u1", "arch": "all", "packageFilename": "jetty_6.1.26-1+deb7u1_all.deb", "packageName": "jetty"}, {"packageFilename": "jetty9_9.2.30-0+deb9u1_all.deb", "OS": "Debian", "operator": "lt", "OSVersion": "9", "packageVersion": "9.2.30-0+deb9u1", "arch": "all", "packageName": "jetty9"}, {"packageFilename": "libjetty8-java-doc_8.1.3-4+deb7u1_all.deb", "OSVersion": "7", "OS": "Debian", "operator": "lt", "packageVersion": "8.1.3-4+deb7u1", "arch": "all", "packageName": "libjetty8-java-doc"}]}

{"nessus": [{"lastseen": "2023-01-23T14:30:27", "description": "Several vulnerabilities were discovered in jetty, a Java servlet engine and webserver. An attacker may reveal cryptographic credentials such as passwords to a local user, disclose installation paths, hijack user sessions or tamper with collocated webapps.\n\nCVE-2017-9735\n\nJetty is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.\n\nCVE-2018-12536\n\nOn webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system.\n\nCVE-2019-10241\n\nThe server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents.\n\nCVE-2019-10247\n\nThe server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.\n\nCVE-2020-27216\n\nOn Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability.\n\nThis update also includes several other bug fixes and improvements.\nFor more information please refer to the upstream changelog file.\n\nFor Debian 9 stretch, these problems have been fixed in version 9.2.30-0+deb9u1.\n\nWe recommend that you upgrade your jetty9 packages.\n\nFor the detailed security status of jetty9 please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/jetty9\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-05-17T00:00:00", "type": "nessus", "title": "Debian DLA-2661-1 : jetty9 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735", "CVE-2018-12536", "CVE-2019-10241", "CVE-2019-10247", "CVE-2020-27216"], "modified": "2022-12-07T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jetty9", "p-cpe:/a:debian:debian_linux:libjetty9-extra-java", "p-cpe:/a:debian:debian_linux:libjetty9-java", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2661.NASL", "href": "https://www.tenable.com/plugins/nessus/149518", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2661-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(149518);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/07\");\n\n script_cve_id(\"CVE-2017-9735\", \"CVE-2018-12536\", \"CVE-2019-10241\", \"CVE-2019-10247\", \"CVE-2020-27216\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Debian DLA-2661-1 : jetty9 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were discovered in jetty, a Java servlet\nengine and webserver. An attacker may reveal cryptographic credentials\nsuch as passwords to a local user, disclose installation paths, hijack\nuser sessions or tamper with collocated webapps.\n\nCVE-2017-9735\n\nJetty is prone to a timing channel in util/security/Password.java,\nwhich makes it easier for remote attackers to obtain access by\nobserving elapsed times before rejection of incorrect passwords.\n\nCVE-2018-12536\n\nOn webapps deployed using default Error Handling, when an\nintentionally bad query arrives that doesn't match a dynamic\nurl-pattern, and is eventually handled by the DefaultServlet's static\nfile serving, the bad characters can trigger a\njava.nio.file.InvalidPathException which includes the full path to the\nbase resource directory that the DefaultServlet and/or webapp is\nusing. If this InvalidPathException is then handled by the default\nError Handler, the InvalidPathException message is included in the\nerror response, revealing the full server path to the requesting\nsystem.\n\nCVE-2019-10241\n\nThe server is vulnerable to XSS conditions if a remote client USES a\nspecially formatted URL against the DefaultServlet or ResourceHandler\nthat is configured for showing a Listing of directory contents.\n\nCVE-2019-10247\n\nThe server running on any OS and Jetty version combination will reveal\nthe configured fully qualified directory base resource location on the\noutput of the 404 error for not finding a Context that matches the\nrequested path. The default server behavior on jetty-distribution and\njetty-home will include at the end of the Handler tree a\nDefaultHandler, which is responsible for reporting this 404 error, it\npresents the various configured contexts as HTML for users to click\nthrough to. This produced HTML includes output that contains the\nconfigured fully qualified directory base resource location for each\ncontext.\n\nCVE-2020-27216\n\nOn Unix like systems, the system's temporary directory is shared\nbetween all users on that system. A collocated user can observe the\nprocess of creating a temporary sub directory in the shared temporary\ndirectory and race to complete the creation of the temporary\nsubdirectory. If the attacker wins the race then they will have read\nand write permission to the subdirectory used to unpack web\napplications, including their WEB-INF/lib jar files and JSP files. If\nany code is ever executed out of this temporary directory, this can\nlead to a local privilege escalation vulnerability.\n\nThis update also includes several other bug fixes and improvements.\nFor more information please refer to the upstream changelog file.\n\nFor Debian 9 stretch, these problems have been fixed in version\n9.2.30-0+deb9u1.\n\nWe recommend that you upgrade your jetty9 packages.\n\nFor the detailed security status of jetty9 please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/jetty9\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jetty9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/jetty9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10247\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jetty9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjetty9-extra-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjetty9-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"jetty9\", reference:\"9.2.30-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjetty9-extra-java\", reference:\"9.2.30-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjetty9-java\", reference:\"9.2.30-0+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-24T14:51:06", "description": "The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4949 advisory.\n\n - In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents. (CVE-2019-10241)\n\n - In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.\n (CVE-2019-10247)\n\n - In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. (CVE-2020-27216)\n\n - In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of quality (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. (CVE-2020-27223)\n\n - The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\\SYSTEM.\n (CVE-2020-28169)\n\n - For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.\n (CVE-2021-34428)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-05T00:00:00", "type": "nessus", "title": "Debian DSA-4949-1 : jetty9 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241", "CVE-2019-10247", "CVE-2020-27216", "CVE-2020-27223", "CVE-2020-28165", "CVE-2020-28169", "CVE-2021-34428"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jetty9", "p-cpe:/a:debian:debian_linux:libjetty9-extra-java", "p-cpe:/a:debian:debian_linux:libjetty9-java", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4949.NASL", "href": "https://www.tenable.com/plugins/nessus/152224", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-4949. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152224);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-10241\",\n \"CVE-2019-10247\",\n \"CVE-2020-27216\",\n \"CVE-2020-27223\",\n \"CVE-2020-28165\",\n \"CVE-2020-28169\",\n \"CVE-2021-34428\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0019\");\n script_xref(name:\"IAVA\", value:\"2019-A-0384\");\n script_xref(name:\"IAVA\", value:\"2021-A-0035-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Debian DSA-4949-1 : jetty9 - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-4949 advisory.\n\n - In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is\n vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet\n or ResourceHandler that is configured for showing a Listing of directory contents. (CVE-2019-10241)\n\n - In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server\n running on any OS and Jetty version combination will reveal the configured fully qualified directory base\n resource location on the output of the 404 error for not finding a Context that matches the requested\n path. The default server behavior on jetty-distribution and jetty-home will include at the end of the\n Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various\n configured contexts as HTML for users to click through to. This produced HTML includes output that\n contains the configured fully qualified directory base resource location for each context.\n (CVE-2019-10247)\n\n - In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1\n thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on\n that system. A collocated user can observe the process of creating a temporary sub directory in the shared\n temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins\n the race then they will have read and write permission to the subdirectory used to unpack web\n applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of\n this temporary directory, this can lead to a local privilege escalation vulnerability. (CVE-2020-27216)\n\n - In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a\n request containing multiple Accept headers with a large number of quality (i.e. q) parameters, the\n server may enter a denial of service (DoS) state due to high CPU usage processing those quality values,\n resulting in minutes of CPU time exhausted processing those quality values. (CVE-2020-27223)\n\n - The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the\n bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\\SYSTEM.\n (CVE-2020-28169)\n\n - For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the\n SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID\n manager. On deployments with clustered sessions and multiple contexts this can result in a session not\n being invalidated. This can result in an application used on a shared computer being left logged in.\n (CVE-2021-34428)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/jetty9\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2021/dsa-4949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2019-10241\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2019-10247\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-27216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-27223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-28165\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-28169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-34428\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/jetty9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the jetty9 packages.\n\nFor the stable distribution (buster), these problems have been fixed in version 9.4.16-0+deb10u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-28165\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jetty9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjetty9-extra-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjetty9-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nrelease = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nrelease = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + release);\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\npkgs = [\n {'release': '10.0', 'prefix': 'jetty9', 'reference': '9.4.16-0+deb10u1'},\n {'release': '10.0', 'prefix': 'libjetty9-extra-java', 'reference': '9.4.16-0+deb10u1'},\n {'release': '10.0', 'prefix': 'libjetty9-java', 'reference': '9.4.16-0+deb10u1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n release = NULL;\n prefix = NULL;\n reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jetty9 / libjetty9-extra-java / libjetty9-java');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-10T19:18:10", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K33548065 advisory.\n\n - In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system.\n (CVE-2018-12536)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-03-29T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Eclipse Jetty vulnerability (K33548065)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12536"], "modified": "2022-03-29T00:00:00", "cpe": ["cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", "cpe:2.3:h:f5:big-ip:*:*:*:*:*:*:*:*"], "id": "F5_BIGIP_SOL33548065.NASL", "href": "https://www.tenable.com/plugins/nessus/159281", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K33548065.\n#\n# @NOAGENT@\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159281);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/29\");\n\n script_cve_id(\"CVE-2018-12536\");\n\n script_name(english:\"F5 Networks BIG-IP : Eclipse Jetty vulnerability (K33548065)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by\na vulnerability as referenced in the K33548065 advisory.\n\n - In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an\n intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the\n DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException\n which includes the full path to the base resource directory that the DefaultServlet and/or webapp is\n using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException\n message is included in the error response, revealing the full server path to the requesting system.\n (CVE-2018-12536)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K33548065\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K33548065.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12536\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/29\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K33548065';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'APM': {\n 'affected': [\n '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'ASM': {\n 'affected': [\n '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'GTM': {\n 'affected': [\n '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'LTM': {\n 'affected': [\n '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'PEM': {\n 'affected': [\n '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'PSM': {\n 'affected': [\n '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'WOM': {\n 'affected': [\n '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:30:30", "description": "Update to latest upstream release in order to fix CVE-2017-9735\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-07-10T00:00:00", "type": "nessus", "title": "Fedora 25 : jetty / jetty-alpn / jetty-test-helper (2017-03954b6dc4)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jetty", "p-cpe:/a:fedoraproject:fedora:jetty-alpn", "p-cpe:/a:fedoraproject:fedora:jetty-test-helper", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-03954B6DC4.NASL", "href": "https://www.tenable.com/plugins/nessus/101325", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-03954b6dc4.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101325);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-9735\");\n script_xref(name:\"FEDORA\", value:\"2017-03954b6dc4\");\n\n script_name(english:\"Fedora 25 : jetty / jetty-alpn / jetty-test-helper (2017-03954b6dc4)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream release in order to fix CVE-2017-9735\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-03954b6dc4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected jetty, jetty-alpn and / or jetty-test-helper\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jetty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jetty-alpn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jetty-test-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"jetty-9.4.6-1.v20170531.fc25\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"jetty-alpn-8.1.11-2.v20170118.fc25\")) flag++;\nif (rpm_check(release:\"FC25\", reference:\"jetty-test-helper-3.1-3.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jetty / jetty-alpn / jetty-test-helper\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:30:31", "description": "It was discovered that Jetty, a Java servlet engine and webserver, was vulnerable to a timing attack which might reveal cryptographic credentials such as passwords to a local user.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 6.1.26-1+deb7u1.\n\nWe recommend that you upgrade your jetty packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-07-10T00:00:00", "type": "nessus", "title": "Debian DLA-1020-1 : jetty security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jetty", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-1020.NASL", "href": "https://www.tenable.com/plugins/nessus/101321", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1020-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101321);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-9735\");\n\n script_name(english:\"Debian DLA-1020-1 : jetty security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Jetty, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n6.1.26-1+deb7u1.\n\nWe recommend that you upgrade your jetty packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/07/msg00012.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected jetty package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jetty\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"jetty\", reference:\"6.1.26-1+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:30:57", "description": "It was discovered that Jetty8, a Java servlet engine and webserver, was vulnerable to a timing attack which might reveal cryptographic credentials such as passwords to a local user.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 8.1.3-4+deb7u1.\n\nWe recommend that you upgrade your jetty8 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-07-12T00:00:00", "type": "nessus", "title": "Debian DLA-1021-1 : jetty8 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jetty8", "p-cpe:/a:debian:debian_linux:libjetty8-extra-java", "p-cpe:/a:debian:debian_linux:libjetty8-java", "p-cpe:/a:debian:debian_linux:libjetty8-java-doc", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-1021.NASL", "href": "https://www.tenable.com/plugins/nessus/101376", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1021-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101376);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-9735\");\n\n script_name(english:\"Debian DLA-1021-1 : jetty8 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Jetty8, a Java servlet engine and webserver,\nwas vulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n8.1.3-4+deb7u1.\n\nWe recommend that you upgrade your jetty8 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/07/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/jetty8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jetty8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjetty8-extra-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjetty8-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjetty8-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"jetty8\", reference:\"8.1.3-4+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libjetty8-extra-java\", reference:\"8.1.3-4+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libjetty8-java\", reference:\"8.1.3-4+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libjetty8-java-doc\", reference:\"8.1.3-4+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:30:58", "description": "Backport fix for CVE-2017-9735\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-07-13T00:00:00", "type": "nessus", "title": "Fedora 24 : jetty (2017-1206f87545)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jetty", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-1206F87545.NASL", "href": "https://www.tenable.com/plugins/nessus/101497", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-1206f87545.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101497);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-9735\");\n script_xref(name:\"FEDORA\", value:\"2017-1206f87545\");\n\n script_name(english:\"Fedora 24 : jetty (2017-1206f87545)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Backport fix for CVE-2017-9735\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-1206f87545\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected jetty package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jetty\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"jetty-9.3.7-3.v20160115.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jetty\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:30:00", "description": "Update to latest upstream release in order to fix CVE-2017-9735\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "Fedora 26 : jetty (2017-4e2312892e)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jetty", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-4E2312892E.NASL", "href": "https://www.tenable.com/plugins/nessus/101629", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-4e2312892e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101629);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-9735\");\n script_xref(name:\"FEDORA\", value:\"2017-4e2312892e\");\n\n script_name(english:\"Fedora 26 : jetty (2017-4e2312892e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream release in order to fix CVE-2017-9735\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-4e2312892e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected jetty package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jetty\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"jetty-9.4.6-1.v20170531.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jetty\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:56:07", "description": "The version of Jetty installed on the remote host suffers from a potential race condition when creating temporary sub directories. If an co-located attacker wins the race, then they will have read/write privilege to the subdirectory used to unpack web applications, potentially leading to a local privilege escalation vulnerability. Note that the scanner has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-04T00:00:00", "type": "nessus", "title": "Jetty < 9.4.33 Local Temp Directory Hijacking", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_113002", "href": "https://www.tenable.com/plugins/was/113002", "sourceData": "No source data", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:53:49", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5168 advisory.\n\n - jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-24T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-eclipse (RHSA-2020:5168)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-antlr", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-bcel", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-bsf", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-log4j", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-oro", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-regexp", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-resolver", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-xalan2", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-commons-logging", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-commons-net", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-imageio", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-javamail", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-jdepend", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-jmf", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-jsch", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-junit", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-junit5", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-lib", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-manual", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-swing", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-testutil", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-xz", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-antlr32-java", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-antlr32-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-antlr32-maven-plugin", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-antlr32-tool", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-apache-sshd", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-apache-sshd-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-apiguardian", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-apiguardian-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-args4j", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-args4j-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-args4j-parent", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-css", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-demo", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-rasterizer", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-slideshow", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-squiggle", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-svgpp", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-ttf2svg", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-util", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle-mail", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle-pg", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle-pkix", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle-tls", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-cbi-plugins", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-cbi-plugins-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-decentxml", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-decentxml-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ecj", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-contributor-tools", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-ecf-core", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-ecf-runtime", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-ecf-sdk", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-egit", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-emf-core", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-emf-runtime", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-emf-sdk", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-emf-xsd", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-equinox-osgi", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-gef", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-gef-sdk", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-jdt", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-jgit", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-license1", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-license2", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-m2e-core", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-m2e-workspace", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-m2e-workspace-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-mpc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-p2-discovery", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-pde", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-platform", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-pydev", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-subclipse", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-swt", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-webtools-common", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-webtools-servertools", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-webtools-sourceediting", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ed25519-java", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-command", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-command-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-parent", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-runtime", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-runtime-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-shell", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-shell-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-scr", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-scr-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-javaewah", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-javaewah-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-javaparser", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-javaparser-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jchardet", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jchardet-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jctools", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jctools-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-client", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-continuation", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-http", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-io", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-jaas", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-jmx", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-security", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-server", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-servlet", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-util", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-webapp", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-xml", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jffi", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jffi-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jffi-native", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jgit", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jgit-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jna", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jna-contrib", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jna-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-constants", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-constants-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-ffi", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-ffi-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-netdb", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-netdb-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-posix", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-posix-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-x86asm", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-x86asm-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-connector-factory", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-core", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-jsch", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-pageant", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-sshagent", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-trilead-ssh2", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-usocket-jna", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-usocket-nc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-junit5", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-junit5-guide", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-junit5-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jython", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jython-demo", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jython-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jzlib", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jzlib-demo", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jzlib-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-analysis", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-analyzers-smartcn", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-backward-codecs", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-classification", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-codecs", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-grouping", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-highlighter", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-join", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-memory", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-misc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-monitor", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-queries", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-queryparser", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-sandbox", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-suggest", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-catalog", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-common", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-descriptor", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-packaging", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-plugin", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-indexer", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-indexer-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-netty", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-objectweb-asm", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-objectweb-asm-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-opentest4j", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-opentest4j-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-os-maven-plugin", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-os-maven-plugin-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-runtime", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sac", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sac-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sat4j", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-scldevel", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sequence-library", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sequence-library-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sqljet", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sqljet-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-stringtemplate", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-stringtemplate-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-svnkit", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-svnkit-cli", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-svnkit-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-svnkit-javahl", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-atom", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-common", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-maven-plugin", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-translate-plugin", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-xml", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-trilead-ssh2", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-trilead-ssh2-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-tycho", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-tycho-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-univocity-parsers", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-univocity-parsers-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ws-commons-util", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ws-commons-util-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xml-maven-plugin", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xml-maven-plugin-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlgraphics-commons", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlgraphics-commons-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlrpc-client", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlrpc-common", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlrpc-javadoc", "p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlrpc-server"], "id": "REDHAT-RHSA-2020-5168.NASL", "href": "https://www.tenable.com/plugins/nessus/143213", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:5168. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143213);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2020-27216\");\n script_xref(name:\"RHSA\", value:\"2020:5168\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"RHEL 7 : rh-eclipse (RHSA-2020:5168)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:5168 advisory.\n\n - jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:5168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1891132\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27216\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(377);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-antlr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-bcel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-bsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-oro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-regexp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-resolver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-apache-xalan2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-commons-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-commons-net\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-imageio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-javamail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-jdepend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-jmf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-jsch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-junit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-junit5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-swing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-testutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ant-xz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-antlr32-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-antlr32-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-antlr32-maven-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-antlr32-tool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-apache-sshd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-apache-sshd-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-apiguardian\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-apiguardian-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-args4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-args4j-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-args4j-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-css\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-rasterizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-slideshow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-squiggle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-svgpp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-ttf2svg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-batik-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle-pg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle-pkix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-bouncycastle-tls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-cbi-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-cbi-plugins-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-decentxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-decentxml-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ecj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-contributor-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-ecf-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-ecf-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-ecf-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-egit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-emf-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-emf-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-emf-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-emf-xsd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-equinox-osgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-gef\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-gef-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-jdt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-jgit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-license1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-license2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-m2e-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-m2e-workspace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-m2e-workspace-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-mpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-p2-discovery\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-pde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-platform\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-pydev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-subclipse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-swt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-webtools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-webtools-servertools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-eclipse-webtools-sourceediting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ed25519-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-command\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-command-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-runtime-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-gogo-shell-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-scr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-felix-scr-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-javaewah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-javaewah-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-javaparser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-javaparser-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jchardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jchardet-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jctools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jctools-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-continuation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-io\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-jaas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-servlet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jetty-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jffi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jffi-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jffi-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jgit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jgit-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jna-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jna-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-constants\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-constants-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-ffi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-ffi-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-netdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-netdb-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-posix-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-x86asm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jnr-x86asm-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-connector-factory\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-jsch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-pageant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-sshagent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-trilead-ssh2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-usocket-jna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jsch-agent-proxy-usocket-nc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-junit5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-junit5-guide\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-junit5-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jython-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jython-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jzlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jzlib-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-jzlib-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-analysis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-analyzers-smartcn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-backward-codecs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-classification\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-codecs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-grouping\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-highlighter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-join\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-memory\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-monitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-queries\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-queryparser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-sandbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-lucene-suggest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-catalog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-descriptor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-archetype-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-indexer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-maven-indexer-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-objectweb-asm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-objectweb-asm-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-opentest4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-opentest4j-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-os-maven-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-os-maven-plugin-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sac-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sat4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-scldevel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sequence-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sequence-library-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sqljet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-sqljet-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-stringtemplate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-stringtemplate-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-svnkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-svnkit-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-svnkit-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-svnkit-javahl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-atom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-maven-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-translate-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-takari-polyglot-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-trilead-ssh2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-trilead-ssh2-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-tycho\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-tycho-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-univocity-parsers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-univocity-parsers-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ws-commons-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-ws-commons-util-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xml-maven-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xml-maven-plugin-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlgraphics-commons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlgraphics-commons-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlrpc-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlrpc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlrpc-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-eclipse-xmlrpc-server\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/server/7/7Server/x86_64/devtools/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/devtools/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/devtools/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/devtools/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/devtools/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/devtools/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-eclipse-4.17-6.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-ant-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-antlr-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-apache-bcel-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-apache-bsf-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-apache-log4j-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-apache-oro-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-apache-regexp-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-apache-resolver-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-apache-xalan2-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-commons-logging-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-commons-net-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-imageio-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-javadoc-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-javamail-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-jdepend-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-jmf-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-jsch-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-junit-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-junit5-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-lib-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-manual-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-swing-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-testutil-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ant-xz-1.10.9-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-antlr32-java-3.2-28.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-antlr32-javadoc-3.2-28.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-antlr32-maven-plugin-3.2-28.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-antlr32-tool-3.2-28.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-apache-sshd-2.4.0-5.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-apache-sshd-javadoc-2.4.0-5.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-apiguardian-1.1.0-6.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-apiguardian-javadoc-1.1.0-6.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-args4j-2.33-12.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-args4j-javadoc-2.33-12.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-args4j-parent-2.33-12.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-batik-1.13-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-batik-css-1.13-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-batik-demo-1.13-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-batik-javadoc-1.13-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-batik-rasterizer-1.13-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-batik-slideshow-1.13-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-batik-squiggle-1.13-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-batik-svgpp-1.13-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-batik-ttf2svg-1.13-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-batik-util-1.13-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-bouncycastle-1.67-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-bouncycastle-javadoc-1.67-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-bouncycastle-mail-1.67-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-bouncycastle-pg-1.67-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-bouncycastle-pkix-1.67-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-bouncycastle-tls-1.67-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-cbi-plugins-1.1.7-8.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-cbi-plugins-javadoc-1.1.7-8.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-decentxml-1.4-24.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-decentxml-javadoc-1.4-24.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ecj-4.17-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-contributor-tools-4.17-2.2.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-ecf-core-3.14.17-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-ecf-runtime-3.14.17-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-ecf-sdk-3.14.17-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-egit-5.9.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-emf-core-2.23.0-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-emf-runtime-2.23.0-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-emf-sdk-2.23.0-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-emf-xsd-2.23.0-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-equinox-osgi-4.17-2.2.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-gef-3.11.0-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-gef-sdk-3.11.0-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-jdt-4.17-2.2.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-jgit-5.9.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-license1-1.0.1-12.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-license2-2.0.2-2.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-m2e-core-1.16.2-3.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-m2e-workspace-0.4.0-16.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-m2e-workspace-javadoc-0.4.0-16.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-mpc-1.8.4-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-p2-discovery-4.17-2.2.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-pde-4.17-2.2.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-platform-4.17-2.2.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-pydev-8.0.0-1.1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-subclipse-4.3.0-8.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-swt-4.17-2.2.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-eclipse-webtools-common-3.19.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-webtools-servertools-3.19.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-eclipse-webtools-sourceediting-3.19.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ed25519-java-0.3.0-8.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-felix-gogo-command-1.0.2-12.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-felix-gogo-command-javadoc-1.0.2-12.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-felix-gogo-parent-4-6.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-felix-gogo-runtime-1.1.0-8.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-felix-gogo-runtime-javadoc-1.1.0-8.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-felix-gogo-shell-1.1.0-6.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-felix-gogo-shell-javadoc-1.1.0-6.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-felix-scr-2.1.16-7.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-felix-scr-javadoc-2.1.16-7.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-javaewah-1.1.6-10.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-javaewah-javadoc-1.1.6-10.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-javaparser-3.14.16-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-javaparser-javadoc-3.14.16-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jchardet-1.1-23.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jchardet-javadoc-1.1-23.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jctools-3.1.0-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jctools-javadoc-3.1.0-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-client-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-continuation-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-http-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-io-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-jaas-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-javadoc-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-jmx-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-security-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-server-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-servlet-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-util-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-webapp-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jetty-xml-9.4.33-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jffi-1.2.23-2.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jffi-javadoc-1.2.23-2.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jffi-native-1.2.23-2.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jgit-5.9.0-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jgit-javadoc-5.9.0-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jna-5.4.0-7.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jna-contrib-5.4.0-7.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jna-javadoc-5.4.0-7.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jnr-constants-0.9.12-7.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jnr-constants-javadoc-0.9.12-7.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jnr-ffi-2.1.8-9.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jnr-ffi-javadoc-2.1.8-9.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jnr-netdb-1.1.6-11.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jnr-netdb-javadoc-1.1.6-11.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jnr-posix-3.0.47-7.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jnr-posix-javadoc-3.0.47-7.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jnr-x86asm-1.0.2-22.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jnr-x86asm-javadoc-1.0.2-22.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jsch-agent-proxy-connector-factory-0.0.8-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jsch-agent-proxy-core-0.0.8-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jsch-agent-proxy-javadoc-0.0.8-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jsch-agent-proxy-jsch-0.0.8-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jsch-agent-proxy-pageant-0.0.8-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jsch-agent-proxy-sshagent-0.0.8-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jsch-agent-proxy-trilead-ssh2-0.0.8-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jsch-agent-proxy-usocket-jna-0.0.8-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jsch-agent-proxy-usocket-nc-0.0.8-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-junit5-5.7.0-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-junit5-guide-5.7.0-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-junit5-javadoc-5.7.0-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jython-2.7.1-14.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jython-demo-2.7.1-14.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jython-javadoc-2.7.1-14.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jzlib-1.1.3-15.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jzlib-demo-1.1.3-15.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-jzlib-javadoc-1.1.3-15.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-analysis-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-analyzers-smartcn-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-backward-codecs-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-classification-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-codecs-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-grouping-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-highlighter-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-javadoc-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-join-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-memory-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-misc-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-monitor-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-queries-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-queryparser-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-sandbox-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-lucene-suggest-8.6.3-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-maven-archetype-3.2.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-maven-archetype-catalog-3.2.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-maven-archetype-common-3.2.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-maven-archetype-descriptor-3.2.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-maven-archetype-javadoc-3.2.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-maven-archetype-packaging-3.2.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-maven-archetype-plugin-3.2.0-1.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-maven-indexer-6.0.0-5.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-maven-indexer-javadoc-6.0.0-5.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-netty-4.1.51-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-objectweb-asm-8.0.1-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-objectweb-asm-javadoc-8.0.1-1.2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-opentest4j-1.2.0-4.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-opentest4j-javadoc-1.2.0-4.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-os-maven-plugin-1.6.2-2.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-os-maven-plugin-javadoc-1.6.2-2.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-runtime-4.17-6.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-sac-1.3-34.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-sac-javadoc-1.3-34.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-sat4j-2.3.5-20.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-scldevel-4.17-6.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-sequence-library-1.0.3-8.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-sequence-library-javadoc-1.0.3-8.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-sqljet-1.1.10-18.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-sqljet-javadoc-1.1.10-18.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-stringtemplate-3.2.1-24.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-stringtemplate-javadoc-3.2.1-24.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-svnkit-1.8.12-9.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-svnkit-cli-1.8.12-9.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-svnkit-javadoc-1.8.12-9.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-svnkit-javahl-1.8.12-9.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-takari-polyglot-0.4.5-2.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-takari-polyglot-atom-0.4.5-2.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-takari-polyglot-common-0.4.5-2.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-takari-polyglot-javadoc-0.4.5-2.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-takari-polyglot-maven-plugin-0.4.5-2.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-takari-polyglot-translate-plugin-0.4.5-2.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-takari-polyglot-xml-0.4.5-2.1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-trilead-ssh2-217.21-3.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-trilead-ssh2-javadoc-217.21-3.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-tycho-1.7.0-2.5.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-tycho-javadoc-1.7.0-2.5.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-univocity-parsers-2.9.0-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-univocity-parsers-javadoc-2.9.0-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ws-commons-util-1.0.2-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-ws-commons-util-javadoc-1.0.2-14.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-xml-maven-plugin-1.0.2-7.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-xml-maven-plugin-javadoc-1.0.2-7.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-xmlgraphics-commons-2.4-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-xmlgraphics-commons-javadoc-2.4-1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-eclipse-xmlrpc-client-3.1.3-27.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-xmlrpc-common-3.1.3-27.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-xmlrpc-javadoc-3.1.3-27.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'rh-eclipse-xmlrpc-server-3.1.3-27.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-eclipse / rh-eclipse-ant / rh-eclipse-ant-antlr / etc');\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-21T15:34:37", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K18484125 advisory.\n\n - In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. (CVE-2020-27216)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-18T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Eclipse Jetty vulnerability (K18484125)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", "cpe:2.3:h:f5:big-ip:*:*:*:*:*:*:*:*"], "id": "F5_BIGIP_SOL18484125.NASL", "href": "https://www.tenable.com/plugins/nessus/161332", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K18484125.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161332);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2020-27216\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"F5 Networks BIG-IP : Eclipse Jetty vulnerability (K18484125)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by\na vulnerability as referenced in the K18484125 advisory.\n\n - In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1\n thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on\n that system. A collocated user can observe the process of creating a temporary sub directory in the shared\n temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins\n the race then they will have read and write permission to the subdirectory used to unpack web\n applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of\n this temporary directory, this can lead to a local privilege escalation vulnerability. (CVE-2020-27216)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K18484125\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K18484125.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27216\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K18484125';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '17.0.0','16.0.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'APM': {\n 'affected': [\n '17.0.0','16.0.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'ASM': {\n 'affected': [\n '17.0.0','16.0.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'GTM': {\n 'affected': [\n '17.0.0','16.0.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'LTM': {\n 'affected': [\n '17.0.0','16.0.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'PEM': {\n 'affected': [\n '17.0.0','16.0.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'PSM': {\n 'affected': [\n '17.0.0','16.0.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n },\n 'WOM': {\n 'affected': [\n '17.0.0','16.0.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:48:08", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2499 advisory.\n\n - jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)\n\n - jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218)\n\n - jetty: request containing multiple Accept headers with a large number of quality parameters may lead to DoS (CVE-2020-27223)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-29T00:00:00", "type": "nessus", "title": "RHEL 8 : OpenShift Container Platform 4.6.36 (RHSA-2021:2499)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216", "CVE-2020-27218", "CVE-2020-27223"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:jenkins"], "id": "REDHAT-RHSA-2021-2499.NASL", "href": "https://www.tenable.com/plugins/nessus/151117", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2499. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151117);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2020-27216\", \"CVE-2020-27218\", \"CVE-2020-27223\");\n script_xref(name:\"RHSA\", value:\"2021:2499\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 8 : OpenShift Container Platform 4.6.36 (RHSA-2021:2499)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2499 advisory.\n\n - jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)\n\n - jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218)\n\n - jetty: request containing multiple Accept headers with a large number of quality parameters may lead to\n DoS (CVE-2020-27223)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2499\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1891132\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1902826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1934116\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected jenkins package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27218\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-27216\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(226, 377, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jenkins\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/ppc64le/rhocp/4.6/debug',\n 'content/dist/layered/rhel8/ppc64le/rhocp/4.6/os',\n 'content/dist/layered/rhel8/ppc64le/rhocp/4.6/source/SRPMS',\n 'content/dist/layered/rhel8/s390x/rhocp/4.6/debug',\n 'content/dist/layered/rhel8/s390x/rhocp/4.6/os',\n 'content/dist/layered/rhel8/s390x/rhocp/4.6/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhocp/4.6/debug',\n 'content/dist/layered/rhel8/x86_64/rhocp/4.6/os',\n 'content/dist/layered/rhel8/x86_64/rhocp/4.6/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'jenkins-2.277.3.1623853726-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jenkins');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:07", "description": "Update to upstream version 9.4.11. Fixes CVE-2017-7656, CVE-2017-7657, CVE-2017-7658.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : jetty (2018-48b73ed393)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jetty", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-48B73ED393.NASL", "href": "https://www.tenable.com/plugins/nessus/120388", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-48b73ed393.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120388);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-7656\", \"CVE-2017-7657\", \"CVE-2017-7658\", \"CVE-2018-12536\");\n script_xref(name:\"FEDORA\", value:\"2018-48b73ed393\");\n\n script_name(english:\"Fedora 28 : jetty (2018-48b73ed393)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 9.4.11. Fixes CVE-2017-7656, CVE-2017-7657,\nCVE-2017-7658.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-48b73ed393\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected jetty package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jetty\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"jetty-9.4.11-2.v20180605.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jetty\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:05", "description": "Update to upstream version 9.4.11. Fixes CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-12538.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-07-13T00:00:00", "type": "nessus", "title": "Fedora 27 : jetty (2018-93a507fd0f)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536", "CVE-2018-12538"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jetty", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-93A507FD0F.NASL", "href": "https://www.tenable.com/plugins/nessus/111048", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-93a507fd0f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111048);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-7656\", \"CVE-2017-7657\", \"CVE-2017-7658\", \"CVE-2018-12536\", \"CVE-2018-12538\");\n script_xref(name:\"FEDORA\", value:\"2018-93a507fd0f\");\n\n script_name(english:\"Fedora 27 : jetty (2018-93a507fd0f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 9.4.11. Fixes CVE-2017-7656, CVE-2017-7657,\nCVE-2017-7658, CVE-2018-12538.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-93a507fd0f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected jetty package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jetty\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"jetty-9.4.11-2.v20180605.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jetty\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:49:17", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2517 advisory.\n\n - jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)\n\n - jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218)\n\n - jetty: request containing multiple Accept headers with a large number of quality parameters may lead to DoS (CVE-2020-27223)\n\n - jenkins-2-plugins/config-file-provider: Does not configure its XML parser to prevent XML external entity (XXE) attacks. (CVE-2021-21642)\n\n - jenkins-2-plugins/config-file-provider: Does not correctly perform permission checks in several HTTP endpoints. (CVE-2021-21643)\n\n - jenkins-2-plugins/config-file-provider: does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. (CVE-2021-21644)\n\n - jenkins-2-plugins/config-file-provider: Does not perform permission checks in several HTTP endpoints.\n (CVE-2021-21645)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-07-01T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 3.11.462 bug fix and (RHSA-2021:2517)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216", "CVE-2020-27218", "CVE-2020-27223", "CVE-2021-21642", "CVE-2021-21643", "CVE-2021-21644", "CVE-2021-21645"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:jenkins", "p-cpe:/a:redhat:enterprise_linux:jenkins-2-plugins"], "id": "REDHAT-RHSA-2021-2517.NASL", "href": "https://www.tenable.com/plugins/nessus/151276", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2517. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151276);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-27216\",\n \"CVE-2020-27218\",\n \"CVE-2020-27223\",\n \"CVE-2021-21642\",\n \"CVE-2021-21643\",\n \"CVE-2021-21644\",\n \"CVE-2021-21645\"\n );\n script_xref(name:\"RHSA\", value:\"2021:2517\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.11.462 bug fix and (RHSA-2021:2517)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2517 advisory.\n\n - jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)\n\n - jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218)\n\n - jetty: request containing multiple Accept headers with a large number of quality parameters may lead to\n DoS (CVE-2020-27223)\n\n - jenkins-2-plugins/config-file-provider: Does not configure its XML parser to prevent XML external entity\n (XXE) attacks. (CVE-2021-21642)\n\n - jenkins-2-plugins/config-file-provider: Does not correctly perform permission checks in several HTTP\n endpoints. (CVE-2021-21643)\n\n - jenkins-2-plugins/config-file-provider: does not require POST requests for an HTTP endpoint, resulting in\n a cross-site request forgery (CSRF) vulnerability. (CVE-2021-21644)\n\n - jenkins-2-plugins/config-file-provider: Does not perform permission checks in several HTTP endpoints.\n (CVE-2021-21645)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21642\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21643\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2517\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1891132\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1902826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1934116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1952146\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1952148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1952151\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1952152\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected jenkins and / or jenkins-2-plugins packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-21644\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-21642\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(226, 281, 352, 377, 400, 611);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jenkins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jenkins-2-plugins\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/ose/3.11/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/ose/3.11/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/ose/3.11/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/ose/3.11/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/ose/3.11/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/ose/3.11/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/ose/3.11/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/ose/3.11/os',\n 'content/dist/rhel/server/7/7Server/x86_64/ose/3.11/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'jenkins-2-plugins-3.11.1624366838-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-ansible'},\n {'reference':'jenkins-2.289.1.1624365627-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-ansible'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jenkins / jenkins-2-plugins');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-24T14:49:57", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2431 advisory.\n\n - jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)\n\n - jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218)\n\n - jetty: request containing multiple Accept headers with a large number of quality parameters may lead to DoS (CVE-2020-27223)\n\n - jenkins-2-plugins/config-file-provider: Does not configure its XML parser to prevent XML external entity (XXE) attacks. (CVE-2021-21642)\n\n - jenkins-2-plugins/config-file-provider: Does not correctly perform permission checks in several HTTP endpoints. (CVE-2021-21643)\n\n - jenkins-2-plugins/config-file-provider: does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. (CVE-2021-21644)\n\n - jenkins-2-plugins/config-file-provider: Does not perform permission checks in several HTTP endpoints.\n (CVE-2021-21645)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-07-02T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 4.5.41 (RHSA-2021:2431)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216", "CVE-2020-27218", "CVE-2020-27223", "CVE-2021-21642", "CVE-2021-21643", "CVE-2021-21644", "CVE-2021-21645"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:jenkins", "p-cpe:/a:redhat:enterprise_linux:jenkins-2-plugins"], "id": "REDHAT-RHSA-2021-2431.NASL", "href": "https://www.tenable.com/plugins/nessus/151290", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2431. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151290);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-27216\",\n \"CVE-2020-27218\",\n \"CVE-2020-27223\",\n \"CVE-2021-21642\",\n \"CVE-2021-21643\",\n \"CVE-2021-21644\",\n \"CVE-2021-21645\"\n );\n script_xref(name:\"RHSA\", value:\"2021:2431\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 4.5.41 (RHSA-2021:2431)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2431 advisory.\n\n - jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)\n\n - jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218)\n\n - jetty: request containing multiple Accept headers with a large number of quality parameters may lead to\n DoS (CVE-2020-27223)\n\n - jenkins-2-plugins/config-file-provider: Does not configure its XML parser to prevent XML external entity\n (XXE) attacks. (CVE-2021-21642)\n\n - jenkins-2-plugins/config-file-provider: Does not correctly perform permission checks in several HTTP\n endpoints. (CVE-2021-21643)\n\n - jenkins-2-plugins/config-file-provider: does not require POST requests for an HTTP endpoint, resulting in\n a cross-site request forgery (CSRF) vulnerability. (CVE-2021-21644)\n\n - jenkins-2-plugins/config-file-provider: Does not perform permission checks in several HTTP endpoints.\n (CVE-2021-21645)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27218\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21642\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21643\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2431\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1891132\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1902826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1934116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1952146\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1952148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1952151\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1952152\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected jenkins and / or jenkins-2-plugins packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-21644\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-21642\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(226, 281, 352, 377, 400, 611);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jenkins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jenkins-2-plugins\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/power-le/7/7Server/ppc64le/ose/4.5/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/ose/4.5/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/ose/4.5/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/ose/4.5/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/ose/4.5/os',\n 'content/dist/rhel/server/7/7Server/x86_64/ose/4.5/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/ose/4.5/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/ose/4.5/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/ose/4.5/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'jenkins-2-plugins-4.5.1623326336-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube'},\n {'reference':'jenkins-2.277.3.1623846768-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jenkins / jenkins-2-plugins');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "osv": [{"lastseen": "2022-07-21T08:15:28", "description": "\nSeveral vulnerabilities were discovered in jetty, a Java servlet\nengine and webserver. An attacker may reveal cryptographic credentials\nsuch as passwords to a local user, disclose installation paths, hijack\nuser sessions or tamper with collocated webapps.\n\n\n* [CVE-2017-9735](https://security-tracker.debian.org/tracker/CVE-2017-9735)\nJetty is prone to a timing channel in util/security/Password.java,\n which makes it easier for remote attackers to obtain access by\n observing elapsed times before rejection of incorrect passwords.\n* [CVE-2018-12536](https://security-tracker.debian.org/tracker/CVE-2018-12536)\nOn webapps deployed using default Error Handling, when an\n intentionally bad query arrives that doesn't match a dynamic\n url-pattern, and is eventually handled by the DefaultServlet's\n static file serving, the bad characters can trigger a\n java.nio.file.InvalidPathException which includes the full path to\n the base resource directory that the DefaultServlet and/or webapp\n is using. If this InvalidPathException is then handled by the\n default Error Handler, the InvalidPathException message is\n included in the error response, revealing the full server path to\n the requesting system.\n* [CVE-2019-10241](https://security-tracker.debian.org/tracker/CVE-2019-10241)\nThe server is vulnerable to XSS conditions if a remote client USES\n a specially formatted URL against the DefaultServlet or\n ResourceHandler that is configured for showing a Listing of\n directory contents.\n* [CVE-2019-10247](https://security-tracker.debian.org/tracker/CVE-2019-10247)\nThe server running on any OS and Jetty version combination will\n reveal the configured fully qualified directory base resource\n location on the output of the 404 error for not finding a Context\n that matches the requested path. The default server behavior on\n jetty-distribution and jetty-home will include at the end of the\n Handler tree a DefaultHandler, which is responsible for reporting\n this 404 error, it presents the various configured contexts as\n HTML for users to click through to. This produced HTML includes\n output that contains the configured fully qualified directory base\n resource location for each context.\n* [CVE-2020-27216](https://security-tracker.debian.org/tracker/CVE-2020-27216)\nOn Unix like systems, the system's temporary directory is shared\n between all users on that system. A collocated user can observe\n the process of creating a temporary sub directory in the shared\n temporary directory and race to complete the creation of the\n temporary subdirectory. If the attacker wins the race then they\n will have read and write permission to the subdirectory used to\n unpack web applications, including their WEB-INF/lib jar files and\n JSP files. If any code is ever executed out of this temporary\n directory, this can lead to a local privilege escalation\n vulnerability.\n\n\nThis update also includes several other bug fixes and\nimprovements. For more information please refer to the upstream\nchangelog file.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n9.2.30-0+deb9u1.\n\n\nWe recommend that you upgrade your jetty9 packages.\n\n\nFor the detailed security status of jetty9 please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/jetty9>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-05-14T00:00:00", "type": "osv", "title": "jetty9 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735", "CVE-2019-10247", "CVE-2020-27216", "CVE-2018-12536", "CVE-2019-10241"], "modified": "2022-07-21T05:53:44", "id": "OSV:DLA-2661-1", "href": "https://osv.dev/vulnerability/DLA-2661-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-10T07:20:23", "description": "\nMultiple vulnerabilities were discovered in Jetty, a Java servlet engine\nand webserver which could result in cross-site scripting, information\ndisclosure, privilege escalation or denial of service.\n\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 9.4.16-0+deb10u1.\n\n\nWe recommend that you upgrade your jetty9 packages.\n\n\nFor the detailed security status of jetty9 please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/jetty9](https://security-tracker.debian.org/tracker/jetty9)\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-08-04T00:00:00", "type": "osv", "title": "jetty9 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10247", "CVE-2020-27216", "CVE-2021-28169", "CVE-2021-28165", "CVE-2020-27223", "CVE-2021-34428", "CVE-2019-10241"], "modified": "2022-08-10T07:20:11", "id": "OSV:DSA-4949-1", "href": "https://osv.dev/vulnerability/DSA-4949-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-03-12T05:35:08", "description": "In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-10-19T16:15:56", "type": "osv", "title": "Moderate severity vulnerability that affects org.eclipse.jetty:jetty-server", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12536"], "modified": "2023-03-12T05:35:01", "id": "OSV:GHSA-9RGV-H7X4-QW8G", "href": "https://osv.dev/vulnerability/GHSA-9rgv-h7x4-qw8g", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-11T05:43:41", "description": "In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2019-04-23T16:06:02", "type": "osv", "title": "Cross-site Scripting in Eclipse Jetty", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241"], "modified": "2023-03-11T05:43:40", "id": "OSV:GHSA-7VX9-XJHR-RW6H", "href": "https://osv.dev/vulnerability/GHSA-7vx9-xjhr-rw6h", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-11T05:45:26", "description": "In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-04-23T16:07:12", "type": "osv", "title": "Installation information leak in Eclipse Jetty", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10247"], "modified": "2023-03-11T05:45:19", "id": "OSV:GHSA-XC67-HJX6-CGG6", "href": "https://osv.dev/vulnerability/GHSA-xc67-hjx6-cgg6", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-21T08:20:32", "description": "\nIt was discovered that Jetty8, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n8.1.3-4+deb7u1.\n\n\nWe recommend that you upgrade your jetty8 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2017-07-11T00:00:00", "type": "osv", "title": "jetty8 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2022-07-21T05:51:42", "id": "OSV:DLA-1021-1", "href": "https://osv.dev/vulnerability/DLA-1021-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-21T08:20:31", "description": "\nIt was discovered that Jetty, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n6.1.26-1+deb7u1.\n\n\nWe recommend that you upgrade your jetty packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2017-07-09T00:00:00", "type": "osv", "title": "jetty - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2022-07-21T05:51:42", "id": "OSV:DLA-1020-1", "href": "https://osv.dev/vulnerability/DLA-1020-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-10T05:23:55", "description": "Jetty through 9.4.x contains a timing channel attack in util/security/Password.java, which allows attackers to obtain access by observing elapsed times before rejection of incorrect passwords.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-19T16:15:46", "type": "osv", "title": "Jetty vulnerable to exposure of sensitive information due to observable discrepancy", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2023-03-10T05:23:48", "id": "OSV:GHSA-WFCC-PFF6-RGC5", "href": "https://osv.dev/vulnerability/GHSA-wfcc-pff6-rgc5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-12T05:36:05", "description": "### Impact\nOn Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability.\n\nAdditionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable.\n\nAdditionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted.\nSee: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR\n\nFor example:\n```java\nimport java.io.File;\nimport java.io.IOException;\nimport javax.servlet.ServletContext;\nimport javax.servlet.ServletException;\nimport javax.servlet.http.HttpServlet;\nimport javax.servlet.http.HttpServletRequest;\nimport javax.servlet.http.HttpServletResponse;\n\npublic class ExampleServlet extends HttpServlet {\n @Override\n protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {\n File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised\n // do something with that temp dir\n }\n}\n```\n\nExample: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them.\n\n### CVSSv3.1 Evaluation\n\nThis vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1)\n\n### Patches\nFixes were applied to the 9.4.x branch with:\n- https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb\n- https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f\n\nThese will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3\n\n### Workarounds\n\nA work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system.\nFor recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory).\nAlternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below.\n\nThe Jetty search order for finding a temporary directory is as follows:\n\n1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it.\n2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it.\n3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1)\n4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it.\n5. Use `System.getProperty(\"java.io.tmpdir\")` and use it.\n\nJetty will end traversal at the first successful step.\nTo mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker.\n\n#### Setting a Jetty server temporary directory.\n\nChoices 3 and 5 apply to the server level, and will impact all deployed webapps on the server.\n\nFor choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty.\n\nFor choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty.\n\n``` shell\n[jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar\n```\n\n#### Setting a Context specific temporary directory.\n\nThe rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/<context>.xml`)\n\nExample (excluding the DTD which is version specific):\n\n``` xml\n<Configure class=\"org.eclipse.jetty.webapp.WebAppContext\">\n <Set name=\"contextPath\"><Property name=\"foo\"/></Set>\n <Set name=\"war\">/var/web/webapps/foo.war</Set>\n <Set name=\"tempDirectory\">/var/web/work/foo</Set>\n</Configure>\n```\n\n### References\n \n - https://github.com/eclipse/jetty.project/issues/5451\n - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html)\n - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html)\n - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473)\n\n### Similar Vulnerabilities\n\nSimilar, but not the same.\n\n - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp\n - Google Guava - https://github.com/google/guava/issues/4011\n - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945\n - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824\n\n### For more information\n\nThe original report of this vulnerability is below:\n\n> On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh <jonathan.leitschuh@gmail.com> wrote:\n> Hi WebTide Security Team,\n>\n> I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty.\n>\n> https://lgtm.com/query/5615014766184643449/\n>\n> I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users.\n> There exists a race condition between the deletion of the temporary file and the creation of the directory.\n>\n> ```java\n> // ensure file will always be unique by appending random digits\n> tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated\n> // delete the file that was created\n> tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty.\n> // and make a directory of the same name\n> // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory\n> tmpDir.mkdirs();\n> ```\n>\n> https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518\n>\n> In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback.\n>\n>\n> https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468\n>\n> If any code is ever executed out of this temporary directory, this can lead to a local privilege\u00a0escalation vulnerability.\n>\n> Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there?\u00a0https://github.com/eclipse/jetty.project/security/advisories\n>\n> **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.**\n>\n> Cheers,\n> Jonathan Leitschuh\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-04T17:50:24", "type": "osv", "title": "Local Temp Directory Hijacking Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15824", "CVE-2020-1945", "CVE-2020-27216"], "modified": "2023-03-12T05:36:00", "id": "OSV:GHSA-G3WG-6MCF-8JJ6", "href": "https://osv.dev/vulnerability/GHSA-g3wg-6mcf-8jj6", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "ibm": [{"lastseen": "2023-02-23T21:45:09", "description": "## Summary\n\nFix for (CVE-2019-10241) and (CVE-2019-10247). \n\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2019-10241_](<https://vulners.com/cve/CVE-2019-10241>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/160676_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID**: [_CVE-2019-10247_](<https://vulners.com/cve/CVE-2019-10247>) \n**DESCRIPTION**: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/160610_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Network Performance Insight: 1.3.0.0\n\n## Remediation/Fixes\n\n1.3.0.0-TIV-NPI-IF0005 \n\nFix Central link: [_http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&amp;fixids=1.3.0.0-TIV-NPI-IF0005&amp;source=SAR_](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&fixids=1.3.0.0-TIV-NPI-IF0005&source=SAR>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2019-07-24T03:15:01", "type": "ibm", "title": "Security Bulletin: IBM Network Performance Insight (CVE-2019-10241, CVE-2019-10247)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241", "CVE-2019-10247"], "modified": "2019-07-24T03:15:01", "id": "F9336FFC545BDCFCB6E2911A06416BD29601F97D9670FD8B6FE980BAB262EA22", "href": "https://www.ibm.com/support/pages/node/959429", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:41:02", "description": "## Summary\n\nIBM Security Guardium Insights has addressed the following vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145521](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145521>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145522](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145522>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145523](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145523>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160610](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Guardium Insights| 2.0.1 \n \n\n\n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**Remediation / First Fix** \n \n---|---|--- \nIBM Security Guardium Insights| 2.0.1| [https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&amp;mhq=pasport%20advantage](<https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&mhq=pasport%20advantage>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-06T12:30:35", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium Insights is affected by a Components with known vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536", "CVE-2019-10241", "CVE-2019-10247"], "modified": "2021-10-06T12:30:35", "id": "1816205804EFBBBBB94018144A008A33799E226A9B559AA545872E5FBE25A885", "href": "https://www.ibm.com/support/pages/node/6320063", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:41:58", "description": "## Summary\n\nEclipse Jetty contains vulnerabilities that may allow a remote attacker to obtain sensitive information, cause execution of scripts without their knowledge and experience denial of service attacks.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2019-10241_](<https://vulners.com/cve/CVE-2019-10241>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/160676_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID**: [_CVE-2019-10247_](<https://vulners.com/cve/CVE-2019-10247>) \n**DESCRIPTION**: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/160610_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-10246](<https://vulners.com/cve/CVE-2019-10246>) \n**DESCRIPTION:** Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a Listing of directory contents. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160611> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nRPT versions 8.6, 8.7, 9.0, 9.1, 9.2, 9.5.\n\n## Remediation/Fixes\n\nUpgrading to RPT version 10.0 is strongly recommended.\n\nProduct | VRMF | APAR | Remediation/First Fix \n---|---|---|--- \nRPT | 9.5 | None | Download \n<https://download4.boulder.ibm.com/sar/CMA/RAA/08cfc/0/RPTRST_PSIRT16274_9500UpdateSite.zip> \nRPT | 9.2.1.1 | None | Download \n<https://download4.boulder.ibm.com/sar/CMA/RAA/08cfa/0/RPTRST_PSIRT16274_9211UpdateSite.zip> \nRPT | 9.1.1.1 | None | Download \n<https://download4.boulder.ibm.com/sar/CMA/RAA/08cf7/0/RPTRST_PSIRT16274_9111UpdateSite.zip> \nRPT | 9.0 | None | Upgrade to version 10.0 \nRPT | 8.7 | None | Upgrade to version 10.0 \nRPT | 8.6 | None | Upgrade to version 10.0 \n \n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2019-12-16T16:01:20", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect Rational Performance Tester", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247"], "modified": "2019-12-16T16:01:20", "id": "A286BD77B3C7FBE86C2323B3D9F433CB3B367EDDC062CD70A992ABBC521C41B7", "href": "https://www.ibm.com/support/pages/node/957497", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:36:33", "description": "## Summary\n\nThere is a vulnerability in IBM\u00ae Runtime Environment Java\u2122 Technology Edition, Version 8 that is used by IBM Sterling Connect:Direct Browser User Interface. These issues were disclosed as part of the IBM Java SDK updates in May 2018 and Jetty Server update in May 2019.\n\n## Vulnerability Details\n\nCVE-ID: [CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \nDescription: Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160676> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\nCVE-ID: [CVE-2019-10246](<https://vulners.com/cve/CVE-2019-10246>)\n\nDescription: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a Listing of directory contents. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.\n\nCVSS Base Score: 5.3\n\nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160611> for more information\n\nCVSS Environmental Score*: Undefined\n\nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\nCVE-ID: [CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>)\n\nDescription: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.\n\nCVSS Base Score: 5.3\n\nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160610> for more information\n\nCVSS Environmental Score*: Undefined\n\nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nConnect:Direct Browser User Interface 1.5.0.2 through 1.5.0.2 iFix24\n\n## Remediation/Fixes\n\n**Sterling Connect:Direct Browser User Interface**\n\n| \n\n1.5.0.2\n\n| \n\niFix25\n\n| \n\n[Fix Central - 1.5.0.2](<https://www-945.ibm.com/support/fixcentral/swg/identifyFixes?query.parent=ibm~Other%20software&query.product=ibm~Other%20software~Sterling%20Connect:Direct%20Browser%20User%20Interface&query.release=1.5.0.2&query.platform=All>) \n \n---|---|---|--- \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-06-23T16:36:10", "type": "ibm", "title": "Security Bulletin: Java Vulnerability Affects IBM Sterling Connect:Direct Browser User Interface (CVE-2019-10241, CVE-2019-10246 & CVE-2019-10247)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247"], "modified": "2022-06-23T16:36:10", "id": "0CDA7C10442B705C677D939E4525A0FD2BF6C2E3CCD7C1AC57DA125C095DD3F3", "href": "https://www.ibm.com/support/pages/node/1073978", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-24T01:37:09", "description": "## Summary\n\nThree Eclipse Jetty vulnerabilities were addressed by IBM Sterling Secure Proxy.\n\n## Vulnerability Details\n\nCVE-ID: [CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \nDescription: Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160676> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\nCVE-ID: [CVE-2019-10246](<https://vulners.com/cve/CVE-2019-10246>) \nDescription: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a Listing of directory contents. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160611> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \nCVE-ID: [CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \nDescription: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160610> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n\n## Affected Products and Versions\n\nIBM Secure Proxy 6.0.0.0 through 6.0.0.1\n\nIBM Sterling Secure Proxy 3.4.3 through 3.4.3.2 iFix 5\n\n## Remediation/Fixes\n\n**_Product_**\n\n| \n\n**_VRMF_**\n\n| \n\n**_APAR_**\n\n| \n\n**_How to acquire fix_** \n \n---|---|---|--- \n \nIBM Secure Proxy\n\n| \n\n6.0.0.1\n\n| \n\niFix 1\n\n| \n\n[Fix Central](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other+software&product=ibm/Other+software/Sterling+Secure+Proxy&release=6.0.0.0&platform=All&function=all>) \n \nIBM Sterling Secure Proxy\n\n| \n\n3.4.3.2\n\n| \n\niFix 6\n\n| \n\n[Fix Central](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other+software&product=ibm/Other+software/Sterling+Secure+Proxy&release=3.4.3.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-07-24T22:19:08", "type": "ibm", "title": "Security Bulletin: Multiple Eclipse Jetty Vulnerabilities Affect IBM Sterling Secure Proxy Summary", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247"], "modified": "2020-07-24T22:19:08", "id": "1A030187296C45282C7919058ADD8AA1992811C3B3D7481CF22AA0E13A7F5096", "href": "https://www.ibm.com/support/pages/node/1095826", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-24T01:37:07", "description": "## Summary\n\nThree Eclipse Jetty vulnerabilities were addressed by IBM Sterling Secure External Authentication Server.\n\n## Vulnerability Details\n\nCVE-ID: [CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \nDescription: Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160676> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\nCVE-ID: [CVE-2019-10246](<https://vulners.com/cve/CVE-2019-10246>) \nDescription: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a Listing of directory contents. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160611> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \nCVE-ID: [CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \nDescription: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160610> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n\n## Affected Products and Versions\n\nIBM Secure External Authentication Server 6.0.0.0 through 6.0.0.1\n\nIBM Sterling Secure External Authentication Server 2.4.3 through 2.4.3.2 iFix 5\n\n## Remediation/Fixes\n\n**_Product_**\n\n| \n\n**_VRMF_**\n\n| \n\n**_APAR_**\n\n| \n\n**_How to acquire fix_** \n \n---|---|---|--- \n \nIBM Secure External Authentication Server\n\n| \n\n6.0.0.1\n\n| \n\niFix 1\n\n| \n\n[Fix Central](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther+software&product=ibm/Other+software/Sterling+External+Authentication+Server&release=6.0.0.0&platform=All&function=all>) \n \nIBM Sterling Secure External Authentication Server\n\n| \n\n2.4.3.2\n\n| \n\niFix 6\n\n| \n\n[Fix Central](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther+software&product=ibm/Other+software/Sterling+External+Authentication+Server&release=2.4.3.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-07-24T22:19:08", "type": "ibm", "title": "Security Bulletin: Multiple Eclipse Jetty Vulnerabilities Affect IBM Sterling Secure External Authentication Server", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247"], "modified": "2020-07-24T22:19:08", "id": "2DD33EDACA0BB82F4B5458A08C6886655FE63C68C3DB81837B804B712F21638E", "href": "https://www.ibm.com/support/pages/node/1095838", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:43:41", "description": "## Summary\n\nThere are vulnerabilities in various versions of Eclipse Jetty that affect Apache Solr. The vulnerabilities are in Vulnerability Details section.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-10246](<https://vulners.com/cve/CVE-2019-10246>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a Listing of directory contents. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160611](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160611>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160610](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nLog Analysis| 1.3.1 \nLog Analysis| 1.3.2 \n \nLog Analysis| 1.3.3 \n \nLog Analysis| 1.3.4 \n \nLog Analysis| 1.3.5 \n \nLog Analysis| 1.3.6 \n \n \n\n\n## Remediation/Fixes\n\nPrincipal Product and Version(s) :| Fix details \n---|--- \nIBM Operations Analytics - Log Analysis version 1.3.x| Upgrade to Log Analysis version 1.3.7 \nDownload the 1.3.7-TIV-IOALA-FP [here](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Operations%20Analytics&product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Log+Analysis&release=1.3.7&platform=All&function=all> \"here\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-04-20T06:01:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect Apache Solr shipped with IBM Operations Analytics - Log Analysis", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247"], "modified": "2021-04-20T06:01:01", "id": "FF60AB2CCC42CBF13C1B6FA8A219EC72D17B3DCC11F28A2485862DCCD8A4C2EC", "href": "https://www.ibm.com/support/pages/node/6445357", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:44:01", "description": "## Summary\n\nMultiple vulnerabilities in Eclipse Jetty were addressed by IBM InfoSphere Information Server. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n**DESCRIPTION:** Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160610> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2019-10246](<https://vulners.com/cve/CVE-2019-10246>) \n**DESCRIPTION:** Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a Listing of directory contents. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160611> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160676> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID:** [CVE-2018-12545](<https://vulners.com/cve/CVE-2018-12545>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to a denial of service, caused by the additional CPU and memory allocations required to handle changed settings. By sending either large SETTINGs frames container containing many settings, or many small SETTINGs frames, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/161491> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n\n## Affected Products and Versions\n\nThe following product, running on all supported platforms, is affected: \nIBM InfoSphere Information Server : versions 11.3, 11.5, 11.7\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_ | _APAR_ | _Remediation/First Fix_ \n---|---|---|--- \nInfoSphere Information Server, Information Server on Cloud | 11.7 | [_JR61098_](<http://www.ibm.com/support/docview.wss?uid=swg1JR61098>) | \\--Upgrade your Update Installer to [_version 11.7.1.41_](<https://www-01.ibm.com/support/docview.wss?uid=swg24038034>) or later \n\\--Apply InfoSphere Information Server version [_11.7.1.0_](<https://www.ibm.com/support/docview.wss?uid=ibm10878310>) \n\\--Apply InfoSphere Information Server _[11.7.1.0 Service Pack 1](<http://www.ibm.com/support/docview.wss?uid=ibm10957209>)_ \n\\--Apply InfoSphere _[DataStage Flow Designer July 2019 patch](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FIBM+InfoSphere+Information+Server&fixids=is11710_July2019_DFD_services_engine_multi&source=SAR&function=fixId&parent=ibm/Information%20Management>)_ \n \n \nInfoSphere Information Server, Information Server on Cloud | 11.5 | [_JR61098_](<http://www.ibm.com/support/docview.wss?uid=swg1JR61098>) | \\--Upgrade your Update Installer to [_version 11.7.1.41_](<https://www-01.ibm.com/support/docview.wss?uid=swg24038034>) or later \nInfoSphere Information Server | 11.3 | [_JR61098_](<http://www.ibm.com/support/docview.wss?uid=swg1JR61098>) | \\--Upgrade to a new release where the issue has been addressed \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-11T19:44:06", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect IBM InfoSphere Information Server", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12545", "CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247"], "modified": "2019-09-11T19:44:06", "id": "1DC9078E2D1CA7D5784B1FC9BDA067B8531DD5665DE952284FBF28A882CBE820", "href": "https://www.ibm.com/support/pages/node/887123", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:41:57", "description": "## Summary\n\nEclipse Jetty contains vulnerabilities that may allow a remote attacker to obtain sensitive information, cause execution of scripts without their knowledge and experience denial of service attacks.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2019-10241_](<https://vulners.com/cve/CVE-2019-10241>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/160676_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID**: [_CVE-2019-10247_](<https://vulners.com/cve/CVE-2019-10247>) \n**DESCRIPTION**: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/160610_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-10246](<https://vulners.com/cve/CVE-2019-10246>) \n**DESCRIPTION:** Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a Listing of directory contents. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160611> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID: **[CVE-2018-12545](<https://vulners.com/cve/CVE-2018-12545>) \n**DESCRIPTION: ** Eclipse Jetty is vulnerable to a denial of service, caused by the additional CPU and memory allocations required to handle changed settings. By sending either large SETTINGs frames container containing many settings, or many small SETTINGs frames, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/161491> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nRST versions 8.6, 8.7, 9.0, 9.1, 9.2, 9.5.\n\n## Remediation/Fixes\n\nUpgrading to RST version 10.0 is strongly recommended.\n\nProduct | VRMF | APAR | Remediation/First Fix \n---|---|---|--- \nRST | 9.5 | None | Download \n<https://download4.boulder.ibm.com/sar/CMA/RAA/08cfc/0/RPTRST_PSIRT16274_9500UpdateSite.zip> \nRST | 9.2.1.1 | None | Download \n<https://download4.boulder.ibm.com/sar/CMA/RAA/08cfa/0/RPTRST_PSIRT16274_9211UpdateSite.zip> \nRST | 9.1.1.1 | None | Download \n<https://download4.boulder.ibm.com/sar/CMA/RAA/08cf7/0/RPTRST_PSIRT16274_9111UpdateSite.zip> \nRST | 9.0 | None | Upgrade to version 10.0 \nRST | 8.7 | None | Upgrade to version 10.0 \nRST | 8.6 | None | Upgrade to version 10.0 \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-16T16:05:48", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect Rational Service Tester", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12545", "CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247"], "modified": "2019-12-16T16:05:48", "id": "7AF5E457957D525BF4860A192FFBA4A63C528432C2CE1B5DDAC50B96EBBF9A8E", "href": "https://www.ibm.com/support/pages/node/957529", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:36:33", "description": "## Summary\n\nThere are multiple vulnerabilities in IBM\u00ae Runtime Environment Java\u2122 Technology Edition, Version 8 that is used by IBM Connect:Direct Web Services. These issues were disclosed as part of the IBM Java SDK updates in May 2019\n\n## Vulnerability Details\n\nCVE-ID: [CVE-2019-10246](<https://vulners.com/cve/CVE-2019-10246>) \nDescription: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a Listing of directory contents. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160611> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \nCVE-ID: [CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \nDescription: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160610> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \nCVE-ID: [CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \nDescription: Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/160676> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n \nCVE-ID: [CVE-2018-12545](<https://vulners.com/cve/CVE-2018-12545>) \nDescription: Eclipse Jetty is vulnerable to a denial of service, caused by the additional CPU and memory allocations required to handle changed settings. By sending either large SETTINGs frames container containing many settings, or many small SETTINGs frames, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/161491> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\nCVE-ID: [CVE-2019-2602](<https://vulners.com/cve/CVE-2019-2602>) \nDescription: A flaw in the java.math.BigDecimal API causes hangs when parsing certain String values. This potentially allows an attacker to inflict a denial-of-service. \nThe fix ensures that all Strings are parsed promptly. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/159698> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Connect:Direct Web Services from version 5.3 to 6.0.0.3\n\n## Remediation/Fixes\n\n**Product** | **VRMF** | **Fix Central** \n---|---|--- \nIBM Connect:Direct Web Services | 5.3 - 6.0.0.3 | [Fix Central - ](<https://www-945.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=ibm%2fOther+software%3bibm%2fOther+software%2fIBM+Connect%3aDirect+Web+Services>)6.0.0.4 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-06-23T16:36:10", "type": "ibm", "title": "Security Bulletin: Multiple Java Vulnerabilities Affect IBM Connect:Direct Web Services", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12545", "CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-2602"], "modified": "2022-06-23T16:36:10", "id": "A2986B3F1E7D262A7D84A42B3E6305CB140E7761D5A0E56DB1A501FFE61D4E56", "href": "https://www.ibm.com/support/pages/node/1077195", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:36:02", "description": "## Summary\n\nThere are multiple vulnerabilities in Eclipse Jetty that could allow an attacker to obtain sensitive information. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-34428](<https://vulners.com/cve/CVE-2021-34428>) \n** DESCRIPTION: **Eclipse Jetty could allow a physical attacker to bypass security restrictions, caused by a session ID is not invalidated flaw when an exception is thrown from the SessionListener#sessionDestroyed() method. By gaining access to the application on the shared computer, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 3.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204227](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204227>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-27218](<https://vulners.com/cve/CVE-2020-27218>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to bypass security restrictions, caused by a flaw when GZIP request body inflation is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to inject data into the body of the subsequent request. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192459](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192459>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2021-28169](<https://vulners.com/cve/CVE-2021-28169>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the ConcatServlet. By sending a specially-crafted request using a doubly encoded path, an attacker could exploit this vulnerability to obtain sensitive information from protected resources within the WEB-INF directory, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203492](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203492>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160610](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Products/Versions guidance:**\n\n**Affected Product(s)**| **Version(s) \n** \n---|--- \nIBM Process Mining| 1.12.0.3 \n| \n \n## Remediation/Fixes\n\n**Remediation/Fixes guidance**:\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Process Mining| 1.12.0.3| \n\n**Upgrade to version 1.12.0.4** \n \n1.Login to [PassPortAdvantage](<https://www-112.ibm.com/software/howtobuy/passportadvantage/homepage/paocustomer> \"PassPortAdvantage\" ) \n \n2\\. Search for \n**M05JKML** Process Mining 1.12.0.4 Server Multiplatform Multilingual \n \n3\\. Download package\n\n4\\. Follow install instructions \n \n5\\. Repeat for **M05JJML** Process Mining 1.12.0.4 Client Windows Multilingual \n \n| | \n \n## Workarounds and Mitigations\n\n**Workarounds/Mitigation guidance**:\n\nNone known\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-02-01T21:46:34", "type": "ibm", "title": "Security Bulletin: Vulnerability in Eclipse Jetty affects IBM Process Mining (Multiple CVEs)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241", "CVE-2019-10247", "CVE-2020-27218", "CVE-2021-28169", "CVE-2021-34428"], "modified": "2023-02-01T21:46:34", "id": "654EC4741C192A4D4B8ACB967C8C2D31BEFC1442C9B7DCC262604FE1AE69DF3B", "href": "https://www.ibm.com/support/pages/node/6574041", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-28T01:55:50", "description": "## Summary\n\nSecurity vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 FP3.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2020-27218](<https://vulners.com/cve/CVE-2020-27218>) \n**DESCRIPTION: **Eclipse Jetty could allow a remote attacker to bypass security restrictions, caused by a flaw when GZIP request body inflation is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to inject data into the body of the subsequent request. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192459](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192459>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n**CVEID: **[CVE-2021-20461](<https://vulners.com/cve/CVE-2021-20461>) \n**DESCRIPTION: **IBM Cognos Analytics is susceptible to a weakness in the implementation of the System Appearance configuration setting. An attacker could potentially bypass business logic to modify the appearance and behavior of the application. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196770](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196770>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2019-17632](<https://vulners.com/cve/CVE-2019-17632>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the error messages to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172261](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172261>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n**DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2019-17638](<https://vulners.com/cve/CVE-2019-17638>) \n**DESCRIPTION: **Eclipse Jetty, as bundled in Jenkins, could allow a remote attacker to obtain sensitive information, caused by an issue with corrupt HTTP response buffer being sent to different clients. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 9.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185436](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185436>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L) \n \n**CVEID: **[CVE-2020-27223](<https://vulners.com/cve/CVE-2020-27223>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to a denial of service, caused by an error when handling a request containing multiple Accept headers with a large number of quality parameters. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust minutes of CPU time. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197559](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197559>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145521](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145521>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145522](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145522>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2018-12545](<https://vulners.com/cve/CVE-2018-12545>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to a denial of service, caused by the additional CPU and memory allocations required to handle changed settings. By sending either large SETTINGs frames container containing many settings, or many small SETTINGs frames, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161491](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161491>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>) \n**DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145523](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145523>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n**DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160610](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2017-9735](<https://vulners.com/cve/CVE-2017-9735>) \n**DESCRIPTION: **Jetty could allow a remote attacker to obtain sensitive information, caused by a timing channel flaw in util/security/Password.java. By observing elapsed times before rejection of incorrect passwords, an attacker could exploit this vulnerability to obtain access information. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/127842](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127842>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2019-10246](<https://vulners.com/cve/CVE-2019-10246>) \n**DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a listing of directory contents. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160611](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160611>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2020-28491](<https://vulners.com/cve/CVE-2020-28491>) \n**DESCRIPTION: **FasterXML jackson-dataformats-binary is vulnerable to a denial of service, caused by an unchecked allocation of byte buffer flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a java.lang.OutOfMemoryError exception resulting in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197038](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197038>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2021-28163](<https://vulners.com/cve/CVE-2021-28163>) \n**DESCRIPTION: **Eclipse Jetty could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when the ${jetty.base} directory or the ${jetty.base}/webapps directory is a symlink. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain webapp directory contents information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199303](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199303>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2021-28165](<https://vulners.com/cve/CVE-2021-28165>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to a denial of service, caused by improper input valistion. By sending a specially-crafted TLS frame, a remote attacker could exploit this vulnerability to cause CPU resources to reach to 100% usage. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199305](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199305>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2021-28164](<https://vulners.com/cve/CVE-2021-28164>) \n**DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by improper input validation by the default compliance mode. By sending specially-crafted requests with URIs that contain %2e or %2e%2e segments, an attacker could exploit this vulnerability to access protected resources within the WEB-INF directory, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199304](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199304>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Cognos Analytics 11.1\n\nIBM Cognos Analytics 11.0\n\n## Remediation/Fixes\n\n**For IBM Cognos Analytics 11.1.x : **\n\nThe recommended solution is to apply the fix for the versions listed as soon as practical.\n\n[IBM Cognos Analytics 11.1.7 FP3](<https://www.ibm.com/support/pages/node/6454111> \"IBM Cognos Analytics 11.1.7 FP3\" )\n\n**For IBM Cognos Analytics 11.0.x:**\n\nThe recommended solution is to apply the latest available version of IBM Cognos Analytics 11.0.x.\n\n[IBM Cognos Analytics 11.0.13 Fix Pack 4](<https://www.ibm.com/support/pages/node/6402561> \"IBM Cognos Analytics 11.0.13 Fix Pack 4\" )\n\nApplicable vulnerabilities have already been addressed in IBM Cognos Analytics 11.2.0 prior to GA release\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-29T23:59:31", "type": "ibm", "title": "Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2017-9735", "CVE-2018-12536", "CVE-2018-12545", "CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-17632", "CVE-2019-17638", "CVE-2020-27216", "CVE-2020-27218", "CVE-2020-27223", "CVE-2020-28491", "CVE-2021-20461", "CVE-2021-28163", "CVE-2021-28164", "CVE-2021-28165"], "modified": "2021-06-29T23:59:31", "id": "573F294E16A1C9B7682B48604209232E9D20CDAD4F9D09F633AA855F804E24CD", "href": "https://www.ibm.com/support/pages/node/6466729", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T05:40:32", "description": "## Summary\n\nThere are multiple vulnerabilities in IBM\u00ae SDK Java Technology Edition, Version 6 and IBM\u00ae Runtime Environment Java Version 7 used by IBM Content Classification. These issues were disclosed as part of the IBM Java SDK updates in Jul 2019.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Content Classification| 8.8 \n \n## Remediation/Fixes\n\n**Product**\n\n| **VRM**| **Remediation** \n---|---|--- \nIBM Content Classification| 8.8| Use IBM Content Classification 8.8.0.3[Interim Fix 0019](<https://www.ibm.com/support/fixcentral/> \"Interim Fix 0019\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-11-27T21:01:15", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Classification", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241"], "modified": "2020-11-27T21:01:15", "id": "CA7B69C6C25B5CD3E67C5E490475138F56E88AC0B9EF3B3DB16A58692CDC85F8", "href": "https://www.ibm.com/support/pages/node/1283758", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T01:51:45", "description": "## Summary\n\nA vulnerability in Eclipse Jetty was addressed by IBM InfoSphere Information Server.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2017-9735_](<https://vulners.com/cve/CVE-2017-9735>) \n**DESCRIPTION:** Jetty could allow a remote attacker to obtain sensitive information, caused by a timing channel flaw in util/security/Password.java. By observing elapsed times before rejection of incorrect passwords, an attacker could exploit this vulnerability to obtain access information. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/127842_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127842>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nThe following product, running on all supported platforms, is affected: \nIBM InfoSphere Information Server: versions 9.1, 11.3, and 11.5 \nIBM InfoSphere Information Server on Cloud version 11.5\n\n## Remediation/Fixes\n\n**_Product_**\n\n| **_VRMF_**| **_APAR_**| **_Remediation/First Fix_** \n---|---|---|--- \nInfoSphere Information Server, Information Server on Cloud| 11.5| [_JR58248_](<http://www.ibm.com/support/docview.wss?uid=swg1JR58248>)| \\--Update to the latest [_Updater for 11.5_](<http://www-01.ibm.com/support/docview.wss?uid=swg24038034>) before applying any patch \nInfoSphere Information Server| 11.3| [_JR58248_](<http://www.ibm.com/support/docview.wss?uid=swg1JR58248>)| \\--Update to the latest [_Updater for 11.3_](<http://www-01.ibm.com/support/docview.wss?uid=swg24038034>) before applying any patch \nInfoSphere Business Server| 9.1| [_JR58248_](<http://www.ibm.com/support/docview.wss?uid=swg1JR58248>)| \\--Upgrade to a new release where the issue has been fixed \n \n**Contact Technical Support:** \nIn the United States and Canada dial **1-800-IBM-SERV** \nView the support [_contacts for other countries_](<http://www.ibm.com/planetwide/>) outside of the United States. \nElectronically [_open a Service Request_](<http://www.ibm.com/software/support/probsub.html>) with Information Server Technical Support. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-16T14:17:34", "type": "ibm", "title": "Security Bulletin: A vulnerability in Eclipse Jetty affects the IBM InfoSphere Information Server installers", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2018-06-16T14:17:34", "id": "298BF6456F25FB0FA4ABCC44697A8A09539C09F07FD2D12D662783F870D20656", "href": "https://www.ibm.com/support/pages/node/298099", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T05:55:44", "description": "## Summary\n\nIBM Development Package for Apache Spark addresses the following vulnerability by updating the affected component. \n \nThe primary role of Jetty within Apache Spark is to provide the Web UI via http, or optionally via https. This https communication channel is encrypted using a server-side keystore, which should be protected with a password. The Jetty vulnerability is an algorithm that exposes a tractable brute force attack against this password.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2017-9735_](<https://vulners.com/cve/CVE-2017-9735>)** \nDESCRIPTION:** Jetty could allow a remote attacker to obtain sensitive information, caused by a timing channel flaw in util/security/Password.java. By observing elapsed times before rejection of incorrect passwords, an attacker could exploit this vulnerability to obtain access information. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/127842_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127842>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n\n## Affected Products and Versions\n\n**Affected IBM Development Package for Apache Spark**\n\n| \n\n**Affected Versions** \n \n---|--- \nIBM Development Package for Apache Spark v2.x| Version 2.0.0.0 - 2.1.1.0 \nIBM Development Package for Apache Spark v1.x| All versions \n \n## Remediation/Fixes\n\n**IBM Development Package for Apache Spark**\n\n| \n\n**Remediation / Fix** \n \n---|--- \n[IBM Development Package for Apache Spark](<https://www.ibm.com/developerworks/java/jdk/spark/>) v2.x| Version 2.1.1.1, and later \n \n_For IBM Development Package for Apache Spark, v1.6.3.1 and earlier versions, IBM recommends upgrading to a fixed, supported version of the product._\n\n## Workarounds and Mitigations\n\nDo not use the Apache Spark Web UI features (off by default) via https. \n \nRecommendation is to upgrade to a supported release delivering the fixed code.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-15T07:07:53", "type": "ibm", "title": "Security Bulletin: IBM Development Package for Apache Spark is affected by an Eclipse Jetty vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2018-06-15T07:07:53", "id": "CE88EF5FA52F7C45C7237870ADB3FB7CCE5436E5AE3ED58C08CAF3501C651AE8", "href": "https://www.ibm.com/support/pages/node/565459", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T09:43:54", "description": "## Summary\n\nIBM Content Classification has addressed the following vulnerability. Jetty could allow a remote attacker to obtain sensitive information, caused by a timing channel flaw in util/security/Password.java. By observing elapsed times before rejection of incorrect passwords, an attacker could exploit this vulnerability to obtain access information. \n\n## Vulnerability Details\n\n**CVEID: **[_CVE-2017-9735_](<https://vulners.com/cve/CVE-2017-9735>)** \nDESCRIPTION: **Jetty could allow a remote attacker to obtain sensitive information, caused by a timing channel flaw in util/security/Password.java. By observing elapsed times before rejection of incorrect passwords, an attacker could exploit this vulnerability to obtain access information. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/127842_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127842>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Content Classification v8.8\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRM**| **Remediation** \n---|---|--- \nIBM Content Classification| 8.8| Use IBM Content Classification 8.8 [Interim Fix 0009](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FContent+Classification&fixids=8.8.0.1-IS-Classification-WINDOWS-IF0009&source=SAR>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T12:18:37", "type": "ibm", "title": "Security Bulletin: IBM Content Classification is affected by an Open Source Eclipse Jetty Vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2018-06-17T12:18:37", "id": "77CE729955C639856E4B82368F1A80123E289EE9ADBA4B2D00CD85052FAB5820", "href": "https://www.ibm.com/support/pages/node/564881", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:47:38", "description": "## Summary\n\nA vulnerability allowing Eclipse Jetty to gain elevated privileges was addressed by IBM Sterling Secure External Authentication Server.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM External Authentication Server| 6.0.0 through 6.0.1.1 iFix 2 \nIBM Sterling External Authentication Server| 2.4.3 through 2.4.3.2 iFix 9 \n \n\n\n## Remediation/Fixes\n\n**_Product_**\n\n| \n\n**_VRMF_**\n\n| \n\n**_iFix_**\n\n| \n\n**_Remediation/First Fix_** \n \n---|---|---|--- \n \nIBM Secure External Authentication Server\n\n| \n\n6.0.1.1\n\n| \n\n_iFix 3_\n\n| \n\n[Fix Central](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther+software&product=ibm/Other+software/Sterling+External+Authentication+Server&release=6.0.1.1&platform=All&function=all>) \n \nIBM Sterling External Authentication Server\n\n| \n\n2.4.3.2\n\n| \n\n_iFix 10_\n\n| \n\n[Fix Central](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther+software&product=ibm/Other+software/Sterling+External+Authentication+Server&release=2.4.3.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-08T23:10:25", "type": "ibm", "title": "Security Bulletin: An Eclipse Jetty Vulnerability Affects IBM Sterling Secure External Authentication Server (CVE-2020-27216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2021-01-08T23:10:25", "id": "A104F357C85C98F8863EC17E0968EE2F520A9E4DA3A10DBF1287F2CDE17AFD04", "href": "https://www.ibm.com/support/pages/node/6398776", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:47:14", "description": "## Summary\n\nIBM Rational Functional Tester is affected by an Eclipse Jetty vulnerability that can allow a local authenticated user to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated user could exploit this vulnerability to gain elevated privileges.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nRFT| 9.5 \nRFT| 10.0 \nRFT| 10.1 \n \n\n\n## Remediation/Fixes\n\nUpgrading to IBM Rational Functional Tester version 10.1.2 is strongly recommended. \n\n**Product **| **Version**| **APAR**| **Remediation/ Fix** \n---|---|---|--- \nRFT| 9.5| None| <https://download4.boulder.ibm.com/sar/CMA/RAA/09f5f/0/PSIRT28030-ifix.zip> \nRFT| 10.0| None| <https://download4.boulder.ibm.com/sar/CMA/RAA/09f5f/0/PSIRT28030-ifix.zip> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-27T17:25:49", "type": "ibm", "title": "Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Functional Tester", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2021-01-27T17:25:49", "id": "101D9839DC4D3A67F5CA5070D8255AEF01378A1F2F94126A2F00868A71C2B71A", "href": "https://www.ibm.com/support/pages/node/6409060", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:57:09", "description": "## Summary\n\nEclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Control Center| 6.2.0.0 \n \n\n\n## Remediation/Fixes\n\n**Product** | \n\n**VRMF**\n\n| \n\n**iFix**\n\n| \n\n**Remediation** \n \n---|---|---|--- \n \nIBM Control Center\n\n| \n\n6.2.0.0\n\n| \n\niFix08\n\n| \n\n[Fix Central - 6.2.0.0](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Control+Center&release=6.2.0.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-14T21:20:10", "type": "ibm", "title": "Security Bulletin: Eclipse Jetty Vulnerability Affects IBM Control Center (CVE-2020-27216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2021-05-14T21:20:10", "id": "AB595BAD745ACCEB2CA1F5A7FC0DC9717FFDD74D2EEC460390003F7C91DD4FFD", "href": "https://www.ibm.com/support/pages/node/6453457", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:48:41", "description": "## Summary\n\nEclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Content Classification| 8.8 \n \n\n\n## Remediation/Fixes\n\n**_Product_** | **_VRMF_**| **_Remediation/First Fix_** \n---|---|--- \nIBM Content Classification| 8.8.0.3| Apply Interim Fix **8.8.0.3 IF0019**,available from [Fix Central](<http://www.ibm.com/support/fixcentral/>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-27T18:41:02", "type": "ibm", "title": "Security Bulletin: Eclipse Jetty (Publicly disclosed vulnerability) affects Content Classifaction", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2020-11-27T18:41:02", "id": "3E7141042BE5B9E1A55ADA05F6035C03E394EF7DC2BDEDF57AEB4C33DF04D003", "href": "https://www.ibm.com/support/pages/node/6373292", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:47:38", "description": "## Summary\n\nA vulnerability allowing Eclipse Jetty to gain elevated privileges was addressed by IBM Sterling Secure Proxy.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Secure Proxy| 6.0.0 Through 6.0.1.1 iFix 2 \nIBM Sterling Secure Proxy| 3.4.3 through 3.4.3.2 iFix 9 \n \n\n\n## Remediation/Fixes\n\n**_Product_**\n\n| \n\n**_VRMF_**\n\n| \n\n**_iFix_**\n\n| \n\n**_How to acquire fix_** \n \n---|---|---|--- \n \n_IBM Secure Proxy_\n\n| \n\n_6.0.1.1_\n\n| \n\n_iFix 3_\n\n| \n\n[Fix Central](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other+software&product=ibm/Other+software/Sterling+Secure+Proxy&release=6.0.1.1&platform=All&function=all>) \n \n_IBM Sterling Secure Proxy_\n\n| \n\n_3.4.3.2_\n\n| \n\n_iFix 10_\n\n| \n\n[Fix Central](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other+software&product=ibm/Other+software/Sterling+Secure+Proxy&release=3.4.3.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-08T23:08:46", "type": "ibm", "title": "Security Bulletin: Vulnerability in Eclipse Jetty affects IBM Sterling Secure Proxy (CVE-2020-27216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2021-01-08T23:08:46", "id": "F3E9AF17DCD2EBC47BC32D0E05B6ACDCBFDDAF3EB47FFAC93CFD0FEBBBC04F7E", "href": "https://www.ibm.com/support/pages/node/6398772", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:47:19", "description": "## Summary\n\nIBM Rational Service Tester is vulnerable to Eclipse Jetty possibly allowing a local authenticated user to gain elevated privilegs on the system. By sending a specially-crafted request, an authenticated user could exploit this vulrnerability to gain elevated privileges.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nRST| 9.5 \nRST| 10.0 \nRST| 10.1 \n \n\n\n## Remediation/Fixes\n\nUpgrading to IBM Rational Service Tester version 10.1.2 is strongly recommended. \n\nProduct| VRMF| APAR| Remediation/First Fix \n---|---|---|--- \nRST| 9.5| None| <https://download4.boulder.ibm.com/sar/CMA/RAA/09f62/0/PSIRT28030-ifix.zip> \nRST| 10.0| None| <https://download4.boulder.ibm.com/sar/CMA/RAA/09f62/0/PSIRT28030-ifix.zip> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-25T13:53:14", "type": "ibm", "title": "Security Bulletin: A vulnerability in Eclipse Jetty affects IBM Rational Service Tester (CVE-2020-27216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2021-01-25T13:53:14", "id": "2C070ACA838DF756EF2C6663B3A4CC8D6546936B4E9067A8CC8F4E89004415FB", "href": "https://www.ibm.com/support/pages/node/6407856", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:47:18", "description": "## Summary\n\nIBM Rational Performance Tester is affected by an Eclipse Jetty vulnerability than can allow a local authenticated user to gain eleved privileges on the system. By sending a specially-crafted request, an authenticated user could exploit this vulnerability to gain elevated privileges.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nRPT| 9.5 \nRPT| 10.0 \nRPT| 10.1 \n \n\n\n## Remediation/Fixes\n\nUpgrading to IBM Rational Performance Tester version 10.1.2 is strongly recommended. \n\nProduct| VRMF| APAR| Remediation/First Fix \n---|---|---|--- \nRPT| 9.5| None| <https://download4.boulder.ibm.com/sar/CMA/RAA/09f5z/0/PSIRT28030-ifix.zip> \nRPT| 10.0| None| <https://download4.boulder.ibm.com/sar/CMA/RAA/09f5z/0/PSIRT28030-ifix.zip> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-25T11:28:26", "type": "ibm", "title": "Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Performance Tester (CVE-2020-27216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2021-01-25T11:28:26", "id": "8DF333F79E75C38BAF5D10978D2A5980C7BCD16722EBEF4A77847AA9601A851D", "href": "https://www.ibm.com/support/pages/node/6407836", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:36:07", "description": "## Summary\n\nThere is a vulnerability in Eclipse Jetty that could allow a local authenticated attacker to gain elevated privileges on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Process Mining| 1.12.0.3 \n \n## Remediation/Fixes\n\n**Remediation/Fixes guidance**:\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Process Mining| 1.12.0.3| \n\n**Upgrade to version 1.12.0.4** \n \n1.Login to [PassPortAdvantage](<https://www-112.ibm.com/software/howtobuy/passportadvantage/homepage/paocustomer> \"\" ) \n \n2\\. Search for \n**M05JKML** Process Mining 1.12.0.4 Server Multiplatform Multilingual \n \n3\\. Download package\n\n4\\. Follow install instructions \n \n5\\. Repeat for **M05JJML** Process Mining 1.12.0.4 Client Windows Multilingual \n \n| | \n \n## Workarounds and Mitigations\n\nNone known\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-02-01T21:25:52", "type": "ibm", "title": "Security Bulletin: Vulnerability in Eclipse Jetty affects IBM Process Mining (CVE-2020-27216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2023-02-01T21:25:52", "id": "EAE3626D697DD9AA184F2FB8430E9808A349261E042A2F475F1558DE0474E3B5", "href": "https://www.ibm.com/support/pages/node/6574045", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:47:06", "description": "## Summary\n\nIBM Network Performance Insight1.3.1 affected by Eclipse Jetty vulnerability CVE-2020-27216\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Network Performance Insight| 1.3.1 \n \n\n\n## Remediation/Fixes\n\nNPI 1.3.1 is affected with the vulnerability [CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) and it is resolved in the fix pack ( 1.3.1.1-TIV-NPI-IF0003.1.tgz) available at the fix central at following link. \n\nFix File Name: 1.3.1.1-TIV-NPI-IF0003.1.tgz \nFix available at fix central: \n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&amp;fixids=1.3.1.1-TIV-NPI-IF0003.1&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&fixids=1.3.1.1-TIV-NPI-IF0003.1&source=SAR>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-01T11:01:33", "type": "ibm", "title": "Security Bulletin: IBM Network Performance Insight 1.3.1 affected by Eclipse Jetty vulnerability (CVE-2020-27216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2021-02-01T11:01:33", "id": "B5F498C2528C0E625760D72F802C203FB63AC6B3CBD1D27268D5F386CC4385CE", "href": "https://www.ibm.com/support/pages/node/6410456", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:56:03", "description": "## Summary\n\nA security vulnerability in Jasper, Version 8 Service Refresh 5 Fix Pack 33, used in Jetty Server 9.4.14 is affecting IBM Rational Change.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM Rational Change 5.3.2, 5.3.2.1, 5.3.2.2.\n\n## Remediation/Fixes\n\n \n\n\n**Product**| **VRFM**| **APAR**| **Remediation/Fix** \n---|---|---|--- \nRational Change| 5.3.2.3| None.| \n\nUpgrade to Rational Change 5.3.2.3 supporting Jetty 9.4.35 from [IBM Passport Advantage](<https://iea-pf-b1p3a.mul.ie.ibm.com/netaccess/loginuser.html>) and apply it.\n\n \n\n\n**NOTE**:\n\nDownload the Rational Change 5.3.2.3 installation image by referring to the installation platform and its part number in the following list:\n\n * IBM Rational Change V5.3.2.3 Multi-platform Multilingual (CC5T0ML) - Windows and Linux included. \n \n \n\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-25T07:01:23", "type": "ibm", "title": "Security Bulletin: Vulnerability in Jasper, Version 8 Service Refresh 5 Fix Pack 33, used in Jetty Server 9.4.14 where Rational Change is deployed.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2021-06-25T07:01:23", "id": "E4A28F8F68186CEA27D3FEB20460BE3334CBCA58BC4385BFB2DAC3333FEF6C4B", "href": "https://www.ibm.com/support/pages/node/6467063", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:56:04", "description": "## Summary\n\nA security vulnerability in Jasper, Version 8 Service Refresh 5 Fix Pack 33, used by Jetty versions 9.4.14 is affecting IBM Rational Synergy.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM Rational Synergy 7.2.2, 7.2.2.1, 7.2.2.2.\n\n \n\n\n## Remediation/Fixes\n\n \n\n\n**Product **| **VRMF**| **APAR**| **Remediation/Fixes** \n---|---|---|--- \nRational Synergy| 7.2.2.3| None| \n\nUpgrade to Rational Synergy 7.2.2.3 from [IBM Passport Advantage](<https://iea-pf-b1p3a.mul.ie.ibm.com/netaccess/loginuser.html> \"IBM Passport Advantage\" ) and apply it.\n\n**NOTE:**\n\nDownload the Rational Synergy 7.2.2.3 installation image by referring to the installation platform and its part number in the following list:\n\n * IBM Rational Synergy V7.2.2.3 Linux Informix Multilingual (CC5T9ML)\n * IBM Rational Synergy V7.2.2.3 Linux Oracle Multilingual (CC5TAML)\n * IBM Rational Synergy V7.2.2.3 Windows Informix Multilingual (CC5TBML) \n \n \n\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-25T06:42:24", "type": "ibm", "title": "Security Bulletin: Vulnerability in Jasper, Version 8 Service Refresh 5 Fix Pack 33, used in Jetty Server 9.4.14 where Rational Synergy is deployed.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2021-06-25T06:42:24", "id": "75A547F3BA75C8FD5BF5185CE11155B9F37CBC820B9102C0531E0C7785BA8B78", "href": "https://www.ibm.com/support/pages/node/6467059", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:41:04", "description": "## Summary\n\nAn issue was found in Eclipse Jetty that is shipped with the MQ Explorer component of IBM MQ.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n**DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM MQ | 9.0 \nIBM MQ | 9.1 LTS \nIBM MQ | 9.2 CD \nIBM MQ | 9.2 LTS \n \n## Remediation/Fixes\n\nThis issue is addressed in MQ releases by MQ APAR IT34927\n\n_**IBM MQ 9.0**_\n\n[Apply FixPack 9.0.0.11](<https://www.ibm.com/support/pages/downloading-ibm-mq-90011>) or later\n\n_**IBM MQ 9.1 LTS**_\n\n[Apply FixPack 9.1.0.7](<https://www.ibm.com/support/pages/downloading-ibm-mq-910-older-fix-packs#fp9107>) or later\n\n**IBM MQ 9.2 LTS**\n\n[Apply FixPack 9.2.0.2](<https://www.ibm.com/support/pages/downloading-ibm-mq-920-older-fix-packs#fp9202>) or later\n\n**IBM MQ 9.2 CD**\n\n[Upgrade to IBM MQ 9.2.1](<https://www.ibm.com/support/pages/downloading-ibm-mq-921-continuous-delivery> \"Upgrade to IBM MQ 9.2.1\" ) or newer CD release\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-06T10:58:08", "type": "ibm", "title": "Security Bulletin: IBM MQ is vulnerable to an error within Eclipse Jetty (CVE-2020-27216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2021-10-06T10:58:08", "id": "96B34DECBD5111CA099BBF02896DC500AFE9357A8C64E783BBC560AB34F745F2", "href": "https://www.ibm.com/support/pages/node/6409546", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:46:31", "description": "## Summary\n\nIBM Sterling B2B Integrator has addressed the security vulnerability from Eclipse Jetty.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| APAR(s)| Version(s) \n---|---|--- \nIBM Sterling B2B Integrator| IT35458| 5.2.0.0 - 5.2.6.5_4 \nIBM Sterling B2B Integrator| IT35458| 6.0.0.0 - 6.0.0.6, 6.0.1.0 - 6.0.3.4 \nIBM Sterling B2B Integrator| IT35458| 6.1.0.0 - 6.1.0.3 \n \n\n\n## Remediation/Fixes\n\nProduct &amp; Version| Remediation &amp; Fix \n---|--- \n5.2.0.0 - 5.2.6.5_4| Apply IBM Sterling B2B Integrator version 6.0.0.7, 6.0.3.5 or 6.1.1.0 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n6.0.0.0 - 6.0.0.6, 6.0.1.0 - 6.0.3.4| Apply IBM Sterling B2B Integrator version 6.0.0.7, 6.0.3.5 or 6.1.1.0 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n6.1.0.0 - 6.1.0.3| Apply IBM Sterling B2B Integrator version 6.1.1.0 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-13T14:58:22", "type": "ibm", "title": "Security Bulletin: Eclipse Jetty Vulnerability Affects IBM Sterling B2B Integrator (CVE-2020-27216)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2022-05-13T14:58:22", "id": "EB9C97E1767E99DB5972AA6DB53446FFC1D2256CC95E283AD514F18189053A41", "href": "https://www.ibm.com/support/pages/node/6496807", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:50:09", "description": "## Summary\n\nThe product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-12545](<https://vulners.com/cve/CVE-2018-12545>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to a denial of service, caused by the additional CPU and memory allocations required to handle changed settings. By sending either large SETTINGs frames container containing many settings, or many small SETTINGs frames, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161491](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161491>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-9735](<https://vulners.com/cve/CVE-2017-9735>) \n** DESCRIPTION: **Jetty could allow a remote attacker to obtain sensitive information, caused by a timing channel flaw in util/security/Password.java. By observing elapsed times before rejection of incorrect passwords, an attacker could exploit this vulnerability to obtain access information. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/127842](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127842>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145522](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145522>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145521](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145521>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160610](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145523](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145523>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-0222](<https://vulners.com/cve/CVE-2019-0222>) \n** DESCRIPTION: **Apache ActiveMQ is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted MQTT frame, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158686](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158686>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-1941](<https://vulners.com/cve/CVE-2020-1941>) \n** DESCRIPTION: **Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the admin GUI. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181957](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181957>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-8006](<https://vulners.com/cve/CVE-2018-8006>) \n** DESCRIPTION: **Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the queues.jsp file. A remote attacker could exploit this vulnerability using the QueueFilter parameter in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148808](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148808>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-11775](<https://vulners.com/cve/CVE-2018-11775>) \n** DESCRIPTION: **Apache ActiveMQ Client could allow a remote attacker to conduct a man-in-the-middle attack, caused by a missing TLS hostname verification. An attacker could exploit this vulnerability to launch a man-in-the-middle attack between a Java application using the ActiveMQ client and the ActiveMQ server. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149705](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149705>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2017-15709](<https://vulners.com/cve/CVE-2017-15709>) \n** DESCRIPTION: **Apache ActiveMQ could allow a remote attacker to obtain sensitive information, caused by the storing of certain system details in plaintext when using the OpenWire protocol. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139028](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139028>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-7559](<https://vulners.com/cve/CVE-2015-7559>) \n** DESCRIPTION: **Apache ActiveMQ client is vulnerable to a denial of service, caused by a remote shutdown command in the ActiveMQConnection class. By sending a specific command, a remote authenticated attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/170664](<https://exchange.xforce.ibmcloud.com/vulnerabilities/170664>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-12423](<https://vulners.com/cve/CVE-2019-12423>) \n** DESCRIPTION: **Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when ships with OpenId Connect JWK Keys service. By accessing the JWK keystore file, an attacker could exploit this vulnerability to obtain the public keys in JWK format, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174688](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174688>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-17573](<https://vulners.com/cve/CVE-2019-17573>) \n** DESCRIPTION: **Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the services listing page. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174689](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174689>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-12419](<https://vulners.com/cve/CVE-2019-12419>) \n** DESCRIPTION: **Apache CXF could allow a remote attacker to bypass security restrictions, caused by the failure to validate that the authenticated principal is equal to that of the supplied clientId parameter in the request by the OpenId Connect token service. By obtaining the authorization code issued to another client, an attacker could exploit this vulnerability to obtain an access token for the other client. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/170975](<https://exchange.xforce.ibmcloud.com/vulnerabilities/170975>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-1954](<https://vulners.com/cve/CVE-2020-1954>) \n** DESCRIPTION: **Apache CXF is vulnerable to a man-in-the-middle attack, caused by a flaw in JMX Integration. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178938](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178938>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-12406](<https://vulners.com/cve/CVE-2019-12406>) \n** DESCRIPTION: **Apache CXF is vulnerable to a denial of service, caused by the failure to restrict the number of message attachments present in a given message. By sending a specially-crafted message containing an overly large number of message attachments, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/170974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/170974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM QRadar SIEM 7.4.0 - 7.4.1 GA\n\nIBM QRadar SIEM 7.3.0 - 7.3.3 Patch 4\n\n \n\n\n## Remediation/Fixes\n\n[QRadar / QRM / QVM / QRIF / QNI 7.4.1 Patch 1](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.4.0&platform=Linux&function=fixId&fixids=7.4.1-QRADAR-QRSIEM-20200915010309&includeRequisites=1&includeSupersedes=0&downloadMethod=http&login=true> \"QRadar / QRM / QVM / QRIF / QNI 7.4.1 Patch 1\" )\n\n[QRadar / QRM / QVM / QRIF / QNI 7.3.3 Patch 5](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Vulnerability+Manager&release=All&platform=All&function=fixId&fixids=7.3.3-QRADAR-QRSIEM-20200929154613&includeRequisites=1&includeSupersedes=0&downloadMethod=http&login=true> \"QRadar / QRM / QVM / QRIF / QNI 7.3.3 Patch 5\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-07T20:49:35", "type": "ibm", "title": "Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7559", "CVE-2017-15709", "CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2017-9735", "CVE-2018-11775", "CVE-2018-12536", "CVE-2018-12545", "CVE-2018-8006", "CVE-2019-0222", "CVE-2019-10241", "CVE-2019-10247", "CVE-2019-12406", "CVE-2019-12419", "CVE-2019-12423", "CVE-2019-17573", "CVE-2020-1941", "CVE-2020-1954"], "modified": "2020-10-07T20:49:35", "id": "1684DEC3DF3BB9E78C84E76D9D7057965A40ADC07F69C113F4E928D34BF0D671", "href": "https://www.ibm.com/support/pages/node/6344071", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T17:44:52", "description": "## Summary\n\nIBM Sterilng B2B Integrator has addressed multiple security vulnerabilities in Jetty.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2018-12545](<https://vulners.com/cve/CVE-2018-12545>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to a denial of service, caused by the additional CPU and memory allocations required to handle changed settings. By sending either large SETTINGs frames container containing many settings, or many small SETTINGs frames, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161491](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161491>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Sterling B2B Integrator | 5.2.0.0 - 5.2.6.5_1 \nIBM Sterling B2B Integrator | 6.0.0.0 - 6.0.3.1 \n \n## Remediation/Fixes\n\n** Product &amp; Version** | ** Remediation &amp; Fix** \n---|--- \n5.2.0.0 - 5.2.6.5_1 | Apply IBM Sterling B2B Integrator version 5.2.6.5_2 or 6.0.3.2 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n6.0.0.0 - 6.0.3.1 | Apply IBM Sterling B2B Integrator version 6.0.3.2 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-24T17:07:55", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities in Jetty Affect IBM Sterling B2B Integrator (CVE-2018-12545, CVE-2019-10241)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12545", "CVE-2019-10241"], "modified": "2020-07-24T17:07:55", "id": "5EECFC5C8DC24CAFE9B7AB5FC12D78B14281213BEAB82B828C710EEE945957CC", "href": "https://www.ibm.com/support/pages/node/6208027", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:45:36", "description": "## Summary\n\nThere are multiple vulnerabilities in Eclipse Jetty used by Netcool Agile Service Manager. Netcool Agile Service Manager has addressed the applicable CVEs. \n \n\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n**DESCRIPTION:** Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160610> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-10246](<https://vulners.com/cve/CVE-2019-10246>) \n**DESCRIPTION:** Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw when configured for showing a Listing of directory contents. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160611> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nNetcool Agile Service Manager 1.1.3 - 1.1.4\n\n## Remediation/Fixes\n\nUpdate to Netcool Agile Service Manager 1.1.5 \nTo install Netcool Agile Service Manager 1.1.5, you download the installation images from IBM\u00ae Passport Advantage\u00ae. You then follow standard installation procedures, whether you install a new instance of Agile Service Manager, or upgrade an existing version.\n\n**[Download IBM Netcool Agile Service Manager 1.1.5](<http://www-01.ibm.com/support/docview.wss?uid=swg24043717>)**\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-07-03T05:10:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Jetty affect Netcool Agile Service Manager (CVE-2019-10247, CVE-2019-10246)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10246", "CVE-2019-10247"], "modified": "2019-07-03T05:10:01", "id": "1F1DE6AEC253757076B31DD34F214015B5B41FF17747603D8B3DD39A6F27D12D", "href": "https://www.ibm.com/support/pages/node/887913", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-24T01:36:36", "description": "## Summary\n\nSecurity Bulletin: Resilient OnPrem versions 30.x are affected by vulnerabilities in dependent libraries\n\n## Vulnerability Details\n\n**Summary **Resilient OnPrem v31.0 has addressed vulnerabilities in a number of dependent libraries.\n\n**Vulnerability Details**\n\n**CVEID: **[CVE-2017-9735](<https://vulners.com/cve/CVE-2017-9735>) \n**DESCRIPTION: **Jetty could allow a remote attacker to obtain sensitive information, caused by a timing channel flaw in util/security/Password.java. By observing elapsed times before rejection of incorrect passwords, an attacker could exploit this vulnerability to obtain access information. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/127842> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [https://exchange.xforce.ibmcloud.com/vulnerabi](<<a href=>)\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-19T21:38:35", "type": "ibm", "title": "Security Bulletin: Resilient OnPrem versions 30.x are affected by vulnerabilities in dependent libraries", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7658", "CVE-2017-9735"], "modified": "2021-04-19T21:38:35", "id": "D4D59CFE21484F96852DB1D04961FBD5D11A6439B4EFDD7D5412D5A9FFAD9732", "href": "https://www.ibm.com/support/pages/node/1162834", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:44:35", "description": "## Summary\n\nMultiple vulnerabilities in Eclipse Jetty used by IBM InfoSphere Information Server were addressed.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-17638](<https://vulners.com/cve/CVE-2019-17638>) \n**DESCRIPTION: **Eclipse Jetty, as bundled in Jenkins, could allow a remote attacker to obtain sensitive information, caused by an issue with corrupt HTTP response buffer being sent to different clients. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 9.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185436](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185436>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L) \n \n**CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n**DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nInfoSphere Information Server | 11.7 \nInfoSphere Information Server | 11.5 \n \n## Remediation/Fixes\n\n_Product_ | _VRMF_ | _APAR_ | _Remediation/First Fix_ \n---|---|---|--- \nInfoSphere Information Server, Information Server on Cloud | 11.7 | [JR63436](<http://www.ibm.com/support/docview.wss?uid=swg1JR63436> \"JR6?\" ) \n| \\--Upgrade your Update Installer to [version 11.7.1.85](<https://www-01.ibm.com/support/docview.wss?uid=swg24038034> \"version 11.7.1.83\" ) or later \n \n\\--Apply InfoSphere Information Server version [11.7.1.0](<https://www.ibm.com/support/docview.wss?uid=ibm10878310> \"11.7.1.0\" ) \n\\--Apply InfoSphere Information Server version [11.7.1.1](<https://www.ibm.com/support/pages/node/6209196> \"11.7.1.1\" ) \n\\--Apply [Information Server 11.7.1.1 Service Pack 1](<https://www.ibm.com/support/pages/node/6438057> \"Information Server 11.7.1.1 Service Pack 1\" ) \n \n \n\\--For Red Hat 8 installations, contact IBM Customer Support \n \nInfoSphere Information Server, Information Server on Cloud | 11.5 | [JR63436](<http://www.ibm.com/support/docview.wss?uid=swg1JR63436> \"JR6?\" ) \n| \\--Upgrade your Update Installer to [version 11.7.1.85](<https://www-01.ibm.com/support/docview.wss?uid=swg24038034> \"version 11.7.1.83\" ) or later \n \n**Contact Technical Support:** \nIn the United States and Canada dial **1-800-IBM-SERV** \nView the support [contacts for other countries](<http://www.ibm.com/planetwide/>) outside of the United States. \nElectronically [open a Service Request](<http://www.ibm.com/software/support/probsub.html>) with Information Server Technical Support.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.5}, "published": "2021-04-01T20:09:47", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affects IBM InfoSphere Information Server", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17638", "CVE-2020-27216"], "modified": "2021-04-01T20:09:47", "id": "9B7484C34C9F34F0426B6E8110F51B91DBBF139DD14849DC744E1B348D2F480F", "href": "https://www.ibm.com/support/pages/node/6436411", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T21:36:10", "description": "## Summary\n\nIBM Security Verify Governance is vulnerable to multiple security threats due to vulnarabilities in Eclipse Jetty (CVE-2019-10247, CVE-2021-34428, CVE-2017-7656, CVE-2019-10241, CVE-2021-28169, CVE-2017-7657, CVE-2017-7658, CVE-2016-4800, CVE-2020-27223, CVE-2022-2047). The fixed version linked below removes Jetty JARs.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160610](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-34428](<https://vulners.com/cve/CVE-2021-34428>) \n** DESCRIPTION: **Eclipse Jetty could allow a physical attacker to bypass security restrictions, caused by a session ID is not invalidated flaw when an exception is thrown from the SessionListener#sessionDestroyed() method. By gaining access to the application on the shared computer, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 3.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204227](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204227>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-28169](<https://vulners.com/cve/CVE-2021-28169>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the ConcatServlet. By sending a specially-crafted request using a doubly encoded path, an attacker could exploit this vulnerability to obtain sensitive information from protected resources within the WEB-INF directory, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203492](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203492>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145521](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145521>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145522](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145522>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2016-4800](<https://vulners.com/cve/CVE-2016-4800>) \n** DESCRIPTION: **Jetty could allow a remote attacker to bypass security restrictions, caused by a n implementation error in the path normalization mechanism when parsing URL requests. By sending a specially crafted request containing specific escaped characters, an attacker could exploit this vulnerability to gain access to restricted resources. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/113752](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113752>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-27223](<https://vulners.com/cve/CVE-2020-27223>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to a denial of service, caused by an error when handling a request containing multiple Accept headers with a large number of quality parameters. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust minutes of CPU time. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197559](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197559>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-2047](<https://vulners.com/cve/CVE-2022-2047>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the HttpURI class. By sending a specially-crafted request, an attacker could exploit this vulnerability to the HttpClient and ProxyServlet/AsyncProxyServlet/AsyncMiddleManServlet wrongly interpreting an authority with no host as one with a host. \nCVSS Base score: 2.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/230668](<https://exchange.xforce.ibmcloud.com/vulnerabilities/230668>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Verify Governance| 10.0 \n \n\n\n## Remediation/Fixes\n\n**IBM encourages customers to update their systems promptly.**\n\nAffected Product(s)\n\n| \n\nVersion(s)\n\n| \n\nFirst Fix \n \n---|---|--- \n \nIBM Security Verify Governance\n\n| \n\n10.0.1\n\n| \n\n[10.0.1.0-ISS-ISVG-IGVA-FP0003](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Security+Verify+Governance&release=10.0.1.0&platform=All&function=fixId&fixids=10.0.1.0-ISS-ISVG-IGVA-FP0003&includeRequisites=1&includeSupersedes=0&downloadMethod=http>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-11T08:08:02", "type": "ibm", "title": "Security Bulletin: IBM Security Verify Governance is vulnerable to multiple vulnerabilities due to Eclipse Jetty", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4800", "CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2019-10241", "CVE-2019-10247", "CVE-2020-27223", "CVE-2021-28169", "CVE-2021-34428", "CVE-2022-2047"], "modified": "2023-01-11T08:08:02", "id": "CC955D63C5A677B05E118A898E1FA6F660887714CEC0064650D28CE42265F548", "href": "https://www.ibm.com/support/pages/node/6854577", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:45:58", "description": "## Summary\n\nIBM Netcool Agile Service Manager has addressed the following vulnerabilities in Eclipse Jetty.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145522> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>) \n**DESCRIPTION:** Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145523> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145520> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145521> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Netcool Agile Service Manager 1.1.1, 1.1.2\n\n## Remediation/Fixes\n\nInstall IBM Netcool Agile Service Manager 1.1.3\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-10T05:10:01", "type": "ibm", "title": "Security Bulletin: IBM Netcool Agile Service Manager is affected by Eclipse Jetty vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536"], "modified": "2018-11-10T05:10:01", "id": "9D6E689B86BDBCDFA0DB5F9240222191FC4016B876A0DD8016610AFA69FAFE0C", "href": "https://www.ibm.com/support/pages/node/733987", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:46:43", "description": "## Summary\n\nVulnerabilities in Eclipse Jetty was addressed by IBM InfoSphere Information Server.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145522> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>) \n**DESCRIPTION:** Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145523> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145520> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145521> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nThe following products, running on all supported platforms, are affected:\n\nIBM InfoSphere Information Server: versions 9.1, 11.3, 11.5, and 11.7\n\nIBM InfoSphere Information Server on Cloud: versions 11.5 and 11.7\n\n## Remediation/Fixes\n\n**_Product_**\n\n| \n\n**_VRMF_**\n\n| \n\n**_APAR_**\n\n| \n\n**_Remediation/First Fix_** \n \n---|---|---|--- \n \nInfoSphere Information Server, Information Server on Cloud\n\n| \n\n11.7\n\n| \n\n[JR59721](<http://www.ibm.com/support/docview.wss?uid=swg1JR59721>)\n\n| \n\n\\--Update to the latest [Updater for 11.7](<http://www-01.ibm.com/support/docview.wss?uid=swg24038034>) \n \nInfoSphere Information Server, Information Server on Cloud\n\n| \n\n11.5\n\n| \n\n[JR59721](<http://www.ibm.com/support/docview.wss?uid=swg1JR59721>)\n\n| \n\n\\--Update to the latest [Updater for 11.5](<http://www-01.ibm.com/support/docview.wss?uid=swg24038034>)\n\n\\--For new installations, use the latest 11.7 release. \n \nInfoSphere Information Server\n\n| \n\n11.3\n\n| \n\n[JR59721](<http://www.ibm.com/support/docview.wss?uid=swg1JR59721>)\n\n| \n\n\\--Update to the latest [Updater for 11.3](<http://www-01.ibm.com/support/docview.wss?uid=swg24038034>) \n\\--For new installations, use the latest 11.7 release. \n \nInfoSphere Information Server\n\n| \n\n9.1\n\n| \n\n[JR59721](<http://www.ibm.com/support/docview.wss?uid=swg1JR59721>)\n\n| \n\n\\--Upgrade to a new release \n\\--For new installations, use the latest 11.7 release. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-16T20:00:01", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Eclipse Jetty affect the IBM InfoSphere Information Server installers", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536"], "modified": "2018-10-16T20:00:01", "id": "43BBB2862D7B1199D4C2C8A86EDAC6F339ED22482E792A5F1460A630A77A12E4", "href": "https://www.ibm.com/support/pages/node/732816", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:44:30", "description": "## Summary\n\nThe 'Netcool MIb Manager GUI' use a version of the Eclipse Jetty libary that contains known vulnerabilities. These vulnerabilities have been addressed by an upgrade to Jetty 9.3.29.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145521](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145521>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145523](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145523>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145522](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145522>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nNetcool/OMNIbus| 8.1.0 \n \n## Remediation/Fixes\n\nProduct| VRMF| APAR| Remediation/Fix \n---|---|---|--- \nOMNIbus| 8.1.0.29| IJ40088| <https://www.ibm.com/support/pages/node/6539220> \n \n## Workarounds and Mitigations\n\nUpgrading the JRE is the only solution.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-07T17:38:21", "type": "ibm", "title": "Security Bulletin: Tivoli Netcool/Omnibus installation contains vulnerable Eclipse Jetty code libraries (Multiple CVEs)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536"], "modified": "2022-07-07T17:38:21", "id": "12F717244FEBE2E574C4797C485B84D93877100AB65740AE0F0E7EE891C8C624", "href": "https://www.ibm.com/support/pages/node/6602025", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-22T01:43:50", "description": "## Summary\n\nEclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of chunked transfer-encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.\n\n## Vulnerability Details\n\n \nCVE-ID: CVE-2017-7657 \nDescription: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/145521for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\nCVE-ID: CVE-2017-7656 \nDescription: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/145520for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\nCVE-ID: CVE-2018-12536 \nDescription: Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/145523for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\nCVE-ID: CVE-2017-7658 \nDescription: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/145522for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n\n## Affected Products and Versions\n\nRational Performance Tester version 9.\n\n## Remediation/Fixes\n\nUpgrading to Rational Performance Tester version 9.2.1.1 is recommended.\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-22T13:46:31", "type": "ibm", "title": "Security Bulletin: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. IBM Rational Performance Tester is affected by this vulnerability.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536"], "modified": "2020-05-22T13:46:31", "id": "FDFD56489C38E2165A00AD30ED35D882A27918341DF721F166495E9FBAA37BF3", "href": "https://www.ibm.com/support/pages/node/793735", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-22T01:47:02", "description": "## Summary\n\nPrevious releases of IBM UrbanCode Deploy are affected by multiple vulnerabilities in Eclipse Jetty\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145522> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145520> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145521> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAll fixpacks of IBM UrbanCode Deploy 6.1 - 6.1.3.9, IBM UrbanCode Deploy 6.2 - 6.2.7.3, and IBM UrbanCode Deploy 7.0-7.0.1.1 are affected.\n\n## Remediation/Fixes\n\nUpgrade to [IBM UrbanCode Deploy 7.0.1.2](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/IBM+UrbanCode+Deploy&release=7.0.1.0&platform=All&function=all>) or later. If it is not possible to upgrade to 7.0.1.2, upgrade to [IBM UrbanCode Deploy 6.2.7.4](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/IBM+UrbanCode+Deploy&release=6.2.7.0&platform=All&function=all>) .\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-12T18:40:01", "type": "ibm", "title": "Security Bulletin: Publicly Disclosed Vulnerability Found By vFinder (CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-12536)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536"], "modified": "2019-02-12T18:40:01", "id": "C3F986C5657444C29A48436542134E0055674EB49757C1D60B5F2ACB7A539D7C", "href": "https://www.ibm.com/support/pages/node/794721", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-22T01:47:28", "description": "## Summary\n\nDescription: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.\n\n## Vulnerability Details\n\nCVE-ID: CVE-2017-7657 \nDescription: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/145521for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\nCVE-ID: CVE-2017-7656 \nDescription: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/145520for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\nCVE-ID: CVE-2018-12536 \nDescription: Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/145523for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\nCVE-ID: CVE-2017-7658 \nDescription: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/145522for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n\n## Affected Products and Versions\n\nRational Service Tester version 9.\n\n## Remediation/Fixes\n\nUpgrading to Rational Service Tester version 9.2.1.1 is recommended.\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-03T15:15:01", "type": "ibm", "title": "Security Bulletin: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of chunked transfer-encoding chunk size. IBM Rational Service Tester is affected by this vulnerability.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536"], "modified": "2019-01-03T15:15:01", "id": "7FC1F320EFC1907483261EB76C43191A3C45F5D07F0AC7CB20EF8B4AA9797433", "href": "https://www.ibm.com/support/pages/node/793737", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-24T01:40:18", "description": "## Summary\n\nIBM QRadar SIEM is vulnerable to Jetty Vulnerabilities\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n**DESCRIPTION: **In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145522](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145522>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID: **[CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>) \n**DESCRIPTION: **In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145523](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145523>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID: **[CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n**DESCRIPTION: **In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID: **[CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n**DESCRIPTION: **In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145521](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145521>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n\u00b7 IBM QRadar 7.2.0 to 7.2.8 Patch 16\n\n\u00b7 IBM QRadar 7.3.0 to 7.3.2 Patch 4\n\n## Remediation/Fixes\n\n[IBM QRadar/QRM/QVM/QRIF/QNI 7.2.8 Patch 17](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.2.0&platform=All&function=fixId&fixids=QRadarFix-728-QRSIEM-20190910154321&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"IBM QRadar/QRM/QVM/QRIF/QNI 7.2.8 Patch 17\" )\n\n[IBM QRadar/QRM/QVM/QRIF/QNI 7.3.2 Patch 5](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.3.0&platform=All&function=fixId&fixids=7.3.2-QRADAR-QRSIEM-20191022133252&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"IBM QRadar/QRM/QVM/QRIF/QNI 7.3.2\u00a0Patch 5\" )\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-06T19:05:46", "type": "ibm", "title": "Security Bulletin: IBM QRadar SIEM is vulnerable to Jetty Vulnerabilities (CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-12536)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536"], "modified": "2019-11-06T19:05:46", "id": "34CBAE11E64F8719EC4823028BE575923FD5D2B5F72BE9BF1FD8EE300AACF85E", "href": "https://www.ibm.com/support/pages/node/1103493", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-24T05:42:56", "description": "## Summary\n\nThere are multiple vulnerabilities in Jasper, Version 2 Service Refresh 2 Fix Pack 2, used by Jetty 8.1.3 is affecting IBM Rational Change.\n\n## Vulnerability Details\n\nThe following are the list of vulnerabilities affecting IBM Rational Change:\n\n**CVEID**: _[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>)_ \n**DESCRIPTION**: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \n**CVSS Base Score**: 6.5 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/145522>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n \n**CVEID**: _[CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>)_ \n**DESCRIPTION**: Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \n**CVSS Base Score**: 5.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/145523>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID**: _[CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>)_ \n**DESCRIPTION**: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \n**CVSS Base Score**: 6.5 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/145520>_ for the current score. \n**CVSS Environmental Score***: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID**: _[CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>)_ \n**DESCRIPTION**: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \n**CVSS Base Score**: 6.5 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/145521>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID**: _[CVE-2018-18873](<https://vulners.com/cve/CVE-2018-18873>)_ \n**DESCRIPTION**: JasPer is vulnerable to a denial of service, caused by a NULL pointer dereference in the ras_putdatastd function in ras/ras_enc.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \n**CVSS Base Score**: 3.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/152318>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID**: _[CVE-2018-19139](<https://vulners.com/cve/CVE-2018-19139>)_ \n**DESCRIPTION**: JasPer is vulnerable to a denial of service, caused by a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \n**CVSS Base Score**: 3.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/153097>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID**: _[CVE-2018-20584](<https://vulners.com/cve/CVE-2018-20584>)_ \n**DESCRIPTION**: JasPer is vulnerable to a denial of service, caused by a flaw when converting the output to jp2 format. By using a specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to hang. \n**CVSS Base Score**: 5.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/154954>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID**: _[CVE-2018-20570](<https://vulners.com/cve/CVE-2018-20570>)_ \n**DESCRIPTION**: JasPer is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the jp2_encode function in jp2/jp2_enc.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n**CVSS Base Score**: 5.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/154998>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID**: _[CVE-2018-20622](<https://vulners.com/cve/CVE-2018-20622>)_ \n**DESCRIPTION**: JasPer could allow a remote attacker to obtain sensitive information, caused by a memory leak in base/jas_malloc.c in libjasper.a when \"--output-format jp2\" is used. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information. \n**CVSS Base Score**: 3.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/155056>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n \n**CVEID**: _[CVE-2019-10247](<https://vulners.com/cve/CVE-2018-10247>)_ \n**DESCRIPTION**: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \n**CVSS Base Score**: 5.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \n**CVEID**: _[CVE-2018-12545](<https://vulners.com/cve/CVE-2018-12545>)_ \n**DESCRIPTION**: Eclipse Jetty is vulnerable to a denial of service, caused by the additional CPU and memory allocations required to handle changed settings. By sending either large SETTINGs frames container containing many settings, or many small SETTINGs frames, a remote attacker could exploit this vulnerability to cause a denial of service. \n**CVSS Base Score**: 7.5 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/161491>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Rational Change 5.3.1, 5.3.1.1 and 5.3.1.2. \n\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRMF** | **APAR** | **Remediation/First Fix** \n---|---|---|--- \nRational Change | 5.3.1, 5.3.1.1, 5.3.1.2. | None. | \n\nUpgrade to Rational Change 5.3.2 supporting Jetty 9.4.14 from _[IBM Passport Advantage](<https://iea-pf-b1p3a.mul.ie.ibm.com/netaccess/loginuser.html>)_ and apply it.\n\n**NOTE**:\n\nDownload the Rational Synergy 7.2.2 installation image by referring to the installation platform and its part number in the following list:\n\n * IBM Rational Change V5.3.2 Multi-platform Multilingual (CC5T0ML) - Windows and Linux included. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-30T09:06:54", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Jasper used in Jetty 8.1.3 Server where Rational Change is deployed", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-10247", "CVE-2018-12536", "CVE-2018-12545", "CVE-2018-18873", "CVE-2018-19139", "CVE-2018-20570", "CVE-2018-20584", "CVE-2018-20622", "CVE-2019-10247"], "modified": "2020-03-30T09:06:54", "id": "8A3B4149E7EAB3A7478E92C55ED495F70AD25B6A33537799F9CFBD490835D8BD", "href": "https://www.ibm.com/support/pages/node/2469207", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:42:14", "description": "## Summary\n\nThere are multiple security vulnerabilities in Jetty that affect IBM Sterling B2B Integrator\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145522> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>) \n**DESCRIPTION:** Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145523> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145520> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n**DESCRIPTION:** Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145521> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-12538](<https://vulners.com/cve/CVE-2018-12538>) \n**DESCRIPTION:** Eclipse Jetty could allow a remote attacker to hijack a user's session, caused by a flaw in the FileSessionDataStore. An attacker could exploit this vulnerability to gain access to another user's session. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145321> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Sterling B2B Integrator 5.2.0.1 - 5.2.6.3\n\n## Remediation/Fixes\n\n**PRODUCT &amp; Version **\n\n| \n\n**Remediation/Fix** \n \n---|--- \n \nIBM Sterling B2B Integrator 5.2.0.1 - 5.2.6.3\n\n| \n\nApply IBM Sterling B2B Integrator version 6.0.0.0 or 5.2.6.4 available on [_Fix Central_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-05T00:53:36", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities in Jetty Affect IBM Sterling B2B Integrator", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536", "CVE-2018-12538"], "modified": "2020-02-05T00:53:36", "id": "92CB3843138A52E09E1E53A7B1F44996ABBC10BE478421F26B6289555D2F2CAE", "href": "https://www.ibm.com/support/pages/node/728823", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-24T05:40:26", "description": "## Summary\n\nThere are multiple vulnerabilities in Jasper, Version 2 Service Refresh 2 Fix Pack 2, used by Jetty 8.1.3 is affecting IBM Rational Synergy.\n\n## Vulnerability Details\n\nThe following are the list of vulnerabilities affecting IBM Rational Synergy:\n\n**CVEID**: _[CVE-2018-12538](<https://vulners.com/cve/CVE-2018-12536>)_ \n**DESCRIPTION**: Eclipse Jetty could allow a remote attacker to hijack a user's session, caused by a flaw in the FileSessionDataStore. An attacker could exploit this vulnerability to gain access to another user's session. \n**CVSS Base Score**: 5.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/145321>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID**: _[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>)_ \n**DESCRIPTION**: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \n**CVSS Base Score**: 6.5 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/145522>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID**: _[CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>)_ \n**DESCRIPTION**: Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \n**CVSS Base Score**: 5.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/145523>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID**: _[CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>)_ \n**DESCRIPTION**: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \n**CVSS Base Score**: 6.5 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/145520>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID**: _[CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>)_ \n**DESCRIPTION**: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \n**CVSS Base Score**: 6.5 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/145521>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID**: _[CVE-2018-18384](<https://vulners.com/cve/CVE-2018-18384>)_ \n**DESCRIPTION**: Info-ZIP UnZip is vulnerable to a buffer overflow, caused by improper bounds checking by the list.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \n**CVSS Base Score**: 7.8 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/151365>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID**: _[CVE-2018-18873](<https://vulners.com/cve/CVE-2018-18873>)_ \n**DESCRIPTION**: JasPer is vulnerable to a denial of service, caused by a NULL pointer dereference in the ras_putdatastd function in ras/ras_enc.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \n**CVSS Base Score**: 3.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/152318>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID**: _[CVE-2018-19139](<https://vulners.com/cve/CVE-2018-19139>)_ \n**DESCRIPTION**: JasPer is vulnerable to a denial of service, caused by a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \n**CVSS Base Score**: 3.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/153097>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID**: _[CVE-2018-20570](<https://vulners.com/cve/CVE-2018-20570>)_ \n**DESCRIPTION**: JasPer is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the jp2_encode function in jp2/jp2_enc.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n**CVSS Base Score**: 5.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/154998>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID**: _[CVE-2018-20584](<https://vulners.com/cve/CVE-2018-20584>)_ \n**DESCRIPTION**: JasPer is vulnerable to a denial of service, caused by a flaw when converting the output to jp2 format. By using a specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to hang. \n**CVSS Base Score**: 5.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/154954>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n**CVEID**: _[CVE-2018-20622](<https://vulners.com/cve/CVE-2018-20622>)_ \n**DESCRIPTION**: JasPer could allow a remote attacker to obtain sensitive information, caused by a memory leak in base/jas_malloc.c in libjasper.a when \"--output-format jp2\" is used. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to obtain sensitive information. \n**CVSS Base Score**: 3.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/155056>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n \n**CVEID**: _[CVE-2019-10247](<https://vulners.com/cve/CVE-2018-10247>)_ \n**DESCRIPTION**: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \n**CVSS Base Score**: 5.3 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \n**CVEID**: _[CVE-2018-12545](<https://vulners.com/cve/CVE-2018-12545>)_ \n**DESCRIPTION**: Eclipse Jetty is vulnerable to a denial of service, caused by the additional CPU and memory allocations required to handle changed settings. By sending either large SETTINGs frames container containing many settings, or many small SETTINGs frames, a remote attacker could exploit this vulnerability to cause a denial of service. \n**CVSS Base Score**: 7.5 \n**CVSS Temporal Score**: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/161491>_ for the current score. \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Rational Synergy 7.2.1.0 to 7.2.1.7. \n\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRMF** | **APAR** | **Remediation/First Fix** \n---|---|---|--- \nRational Synergy | 7.2.1.0 to 7.2.1.7 | N/A | \n\nUpgrade to Rational Synergy 7.2.2 supporting Jetty 9.4.14 from _[IBM Passport Advantage](<https://iea-pf-b1p3a.mul.ie.ibm.com/netaccess/loginuser.html>)_ and apply it.\n\n**NOTE**:\n\nDownload the Rational Synergy 7.2.2 installation image by referring to the installation platform and its part number in the following list:\n\n * IBM Rational Synergy V7.2.2 Linux Informix Multilingual (CC5T9ML) \n * IBM Rational Synergy V7.2.2 Linux Oracle Multilingual (CC5TAML) \n * IBM Rational Synergy V7.2.2 Windows Informix Multilingual (CC5TBML) \n \n_For Rational Synergy 7.1.0.x IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-22T18:18:53", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Jasper used in Jetty 8.1.3 Server where Rational Synergy is deployed", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-10247", "CVE-2018-12536", "CVE-2018-12538", "CVE-2018-12545", "CVE-2018-18384", "CVE-2018-18873", "CVE-2018-19139", "CVE-2018-20570", "CVE-2018-20584", "CVE-2018-20622", "CVE-2019-10247"], "modified": "2020-12-22T18:18:53", "id": "3F1E93CED935A8B73DF4F559D8444A47F42A24D3C4458A3E6BDE3B7C2F9CF9D0", "href": "https://www.ibm.com/support/pages/node/2468169", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:50:08", "description": "## Summary\n\nThe product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-13934](<https://vulners.com/cve/CVE-2020-13934>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by not releasing the HTTP/1.1 processor after the upgrade to HTTP/2 in an h2c direct connection. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause OutOfMemoryException resulting in a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185239](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185239>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-17566](<https://vulners.com/cve/CVE-2019-17566>) \n** DESCRIPTION: **Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the \"xlink:href\" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183402](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183402>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2019-4378](<https://vulners.com/cve/CVE-2019-4378>) \n** DESCRIPTION: **IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 command server is vulnerable to a denial of service attack caused by an authenticated and authorized user using specially crafted PCF messages. IBM X-Force ID: 162084. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162084](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162084>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-1945](<https://vulners.com/cve/CVE-2020-1945>) \n** DESCRIPTION: **Apache Ant could allow a remote attacker to bypass security restrictions, caused by the use of an insecure temporary directory to store source files. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information and inject modified source files into the build process. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-0543](<https://vulners.com/cve/CVE-2020-0543>) \n** DESCRIPTION: **Xen and multiple Intel processors could allow a local authenticated attacker to obtain sensitive information, caused by an incomplete cleanup from specific special register read operations in some Intel\u00ae Processors. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183116](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183116>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-0548](<https://vulners.com/cve/CVE-2020-0548>) \n** DESCRIPTION: **Multiple Intel Processors could allow a local authenticated attacker to obtain sensitive information, caused by cleanup errors. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 2.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175117](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175117>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-0549](<https://vulners.com/cve/CVE-2020-0549>) \n** DESCRIPTION: **Multiple Intel Processors could allow a local authenticated attacker to obtain sensitive information, caused by cleanup errors in some data cache evictions. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175118](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175118>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2010-4710](<https://vulners.com/cve/CVE-2010-4710>) \n** DESCRIPTION: **YUI Library is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the addItem method in the Menu widget. A remote attacker could exploit this vulnerability using a field that is added to a menu to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/65180](<https://exchange.xforce.ibmcloud.com/vulnerabilities/65180>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2020-5408](<https://vulners.com/cve/CVE-2020-5408>) \n** DESCRIPTION: **VMware Tanzu Spring Security could allow a remote attacker to obtain sensitive information, caused by the use of a fixed null initialization vector with CBC Mode. By using dictionary attack techniques, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181969](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181969>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-13990](<https://vulners.com/cve/CVE-2019-13990>) \n** DESCRIPTION: **Terracotta could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity (XXE) declarations by the initDocumentParser function in xml/XMLSchedulingDataProcessor.java. By persuading a victim to open specially-crafted XML content, a remote attacker could exploit this vulnerability to read arbitrary files. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-13935](<https://vulners.com/cve/CVE-2020-13935>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by improper validation of the payload length in a WebSocket frame. By sending multiple requests with invalid payload lengths, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185227](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185227>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160610](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-15494](<https://vulners.com/cve/CVE-2018-15494>) \n** DESCRIPTION: **Dojo Toolkit is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DataGrid component. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148556](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148556>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-5398](<https://vulners.com/cve/CVE-2020-5398>) \n** DESCRIPTION: **Spring Framework could allow a remote attacker to obtain sensitive information, caused by a flaw when it sets a Content-Disposition header in the response. By using a reflected file download (RFD) attack, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174711](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174711>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** Third Party Entry: **180875 \n** DESCRIPTION: **jQuery cross-site scripting \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** Third Party Entry: **180875 \n** DESCRIPTION: **jQuery cross-site scripting \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** Third Party Entry: **180875 \n** DESCRIPTION: **jQuery cross-site scripting \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** Third Party Entry: **180875 \n** DESCRIPTION: **jQuery cross-site scripting \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM QRadar SIEM 7.4.0 - 7.4.1 GA\n\nIBM QRadar SIEM 7.3.0 - 7.3.3 Patch 4\n\n## Remediation/Fixes\n\n[QRadar / QRM / QVM / QRIF / QNI 7.4.1 Patch 1](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.4.0&platform=Linux&function=fixId&fixids=7.4.1-QRADAR-QRSIEM-20200915010309&includeRequisites=1&includeSupersedes=0&downloadMethod=http&login=true> \"QRadar / QRM / QVM / QRIF / QNI 7.4.1 Patch 1\" )\n\n[QRadar / QRM / QVM / QRIF / QNI 7.3.3 Patch 5](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Vulnerability+Manager&release=All&platform=All&function=fixId&fixids=7.3.3-QRADAR-QRSIEM-20200929154613&includeRequisites=1&includeSupersedes=0&downloadMethod=http&login=true> \"QRadar / QRM / QVM / QRIF / QNI 7.3.3 Patch 5\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-07T22:53:38", "type": "ibm", "title": "Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4710", "CVE-2018-15494", "CVE-2019-10241", "CVE-2019-10247", "CVE-2019-13990", "CVE-2019-17566", "CVE-2019-4378", "CVE-2020-0543", "CVE-2020-0548", "CVE-2020-0549", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-1945", "CVE-2020-5398", "CVE-2020-5408"], "modified": "2020-10-07T22:53:38", "id": "570AF6CDC4F7E864E6852EBD03923041C13A884B424AC254820AD0EEB73694DF", "href": "https://www.ibm.com/support/pages/node/6344075", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-28T01:40:36", "description": "## Summary\n\nBAYEUX_BROWSER cookie is generated from Cometd Server and it remains live with the session. In older versions of cometd server, BAYEUX_BROWSER cookie was neither true for https nor for secure. But in the current version ie. 5.0.3, there is a provision to make the cookie true for https and secure.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2007-5615](<https://vulners.com/cve/CVE-2007-5615>) \n** DESCRIPTION: **Jetty is vulnerable to CRLF injection, caused by improper validation of user-supplied input. A remote attacker could inject arbitrary commands using CRLF sequences, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/38899](<https://exchange.xforce.ibmcloud.com/vulnerabilities/38899>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2007-6672](<https://vulners.com/cve/CVE-2007-6672>) \n** DESCRIPTION: **Jetty could allow a remote attacker to obtain sensitive information, caused by the improper processing of URLs containing multiple forward slash (/) characters. An attacker could exploit this vulnerability to gain unauthorized access to restricted files and view arbitrary directories on the Web server. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/39407](<https://exchange.xforce.ibmcloud.com/vulnerabilities/39407>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2009-1523](<https://vulners.com/cve/CVE-2009-1523>) \n** DESCRIPTION: **Jetty HTTP server could allow a remote attacker to traverse directories on the system, caused by an error when the DefaultServlet with support for aliases is explicitly enabled or the ResourceHandler class is configured to serve static content. An attacker could exploit this vulnerability by sending a specially-crafted URL request to view arbitrary files on the system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/50298](<https://exchange.xforce.ibmcloud.com/vulnerabilities/50298>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2009-1524](<https://vulners.com/cve/CVE-2009-1524>) \n** DESCRIPTION: **Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using an appended \";\" character in the directory listing's path via a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/50301](<https://exchange.xforce.ibmcloud.com/vulnerabilities/50301>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2009-4609](<https://vulners.com/cve/CVE-2009-4609>) \n** DESCRIPTION: **Jetty could allow a remote attacker to obtain sensitive information, caused by an error in the Dump Servlet. By sending a request to a URI ending in /dump/, a remote attacker could exploit this vulnerability to obtain sensitive information about internal variables and other data. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/55650](<https://exchange.xforce.ibmcloud.com/vulnerabilities/55650>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2009-4610](<https://vulners.com/cve/CVE-2009-4610>) \n** DESCRIPTION: **Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the dump.jsp in the JSP Dump feature and the default URI for the Session Dump Servlet under session/. A remote attacker could exploit this vulnerability using the Name or Value parameter in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/55651](<https://exchange.xforce.ibmcloud.com/vulnerabilities/55651>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2009-4611](<https://vulners.com/cve/CVE-2009-4611>) \n** DESCRIPTION: **Ruby could allow a remote attacker to execute arbitrary commands on the system, caused by the failure to filter terminal escape sequences in HTTP requests by the WEBrick component. By sending a specially-crafted HTTP request containing escape sequences and persuading a victim to view the logfile using the \"cat\" or \"tail\" tools, a remote attacker could inject the escape sequences into WEBrick logs and execute malicious control characters on the victim's terminal emulator. \nCVSS Base score: 5.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/55533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/55533>) for the current score. \nCVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2009-4612](<https://vulners.com/cve/CVE-2009-4612>) \n** DESCRIPTION: **Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the WebApp JSP Snoop page. A remote attacker could exploit this vulnerability using the PATH_INFO in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/55652](<https://exchange.xforce.ibmcloud.com/vulnerabilities/55652>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2009-5045](<https://vulners.com/cve/CVE-2009-5045>) \n** DESCRIPTION: **Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the Dump Servlet. A remote attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171886](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171886>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2009-5046](<https://vulners.com/cve/CVE-2009-5046>) \n** DESCRIPTION: **Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the JSP Dump and Session Dump Servlet. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171885](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171885>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2009-5047](<https://vulners.com/cve/CVE-2009-5047>) \n** DESCRIPTION: **Jetty could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection vulnerability in the Cookie Dump Servlet and Http Content-Length header. By a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171884](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171884>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2009-5048](<https://vulners.com/cve/CVE-2009-5048>) \n** DESCRIPTION: **Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Cookie Dump Servlet. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171883](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171883>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2009-5049](<https://vulners.com/cve/CVE-2009-5049>) \n** DESCRIPTION: **Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the JSP Snoop page in Webapp. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171880](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171880>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2011-4461](<https://vulners.com/cve/CVE-2011-4461>) \n** DESCRIPTION: **Jetty is vulnerable to a denial of service, caused by insufficient randomization of hash data structures. By sending multiple specially-crafted HTTP POST requests to an affected application containing conflicting hash key values, a remote attacker could exploit this vulnerability to cause the consumption of CPU resources. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/72017](<https://exchange.xforce.ibmcloud.com/vulnerabilities/72017>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145521](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145521>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145522](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145522>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-9735](<https://vulners.com/cve/CVE-2017-9735>) \n** DESCRIPTION: **Jetty could allow a remote attacker to obtain sensitive information, caused by a timing channel flaw in util/security/Password.java. By observing elapsed times before rejection of incorrect passwords, an attacker could exploit this vulnerability to obtain access information. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/127842](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127842>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160610](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Control Desk| IBM Control Desk 7.6.x \nIBM SmartCloud Control Desk| 7.5.X \n \n\n\n## Remediation/Fixes\n\n**For IBM Control Desk 7.6.1.4 and earlier versions:**\n\nThere is a provision in web.xml to make BAYEUX_BROWSER cookie true for https and secure. The path can also be updated using &lt;init-params&gt; in web.xml against CometDServlet entry in the deployment descriptor. \n<https://docs.cometd.org/current/reference/>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-19T20:54:31", "type": "ibm", "title": "Security Bulletin: Provision to add https and Secure Flag to bayeux_browser cookie for IBM Control Desk.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5615", "CVE-2007-6672", "CVE-2009-1523", "CVE-2009-1524", "CVE-2009-4609", "CVE-2009-4610", "CVE-2009-4611", "CVE-2009-4612", "CVE-2009-5045", "CVE-2009-5046", "CVE-2009-5047", "CVE-2009-5048", "CVE-2009-5049", "CVE-2011-4461", "CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2017-9735", "CVE-2019-10247"], "modified": "2022-09-19T20:54:31", "id": "56AA25058B49601CC436FB99CDCA8B0EFA02E1CE410A9EC2373C5FE7CBDAE326", "href": "https://www.ibm.com/support/pages/node/6621343", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:51:50", "description": "## Summary\n\nThere are multiple vulnerabilities identified in IBM Guardium Data Encryption (GDE) .These vulnerabilities have been fixed in GDE 4.0.0.3. Please apply the latest version for the fixes.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-4697](<https://vulners.com/cve/CVE-2019-4697>) \n**DESCRIPTION: **IBM Guardium Data Encryption (GDE) stores user credentials in plain in clear text which can be read by an authenticated user. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171928](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171928>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2019-12814](<https://vulners.com/cve/CVE-2019-12814>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to read arbitrary local files on the server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2019-12384](<https://vulners.com/cve/CVE-2019-12384>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the logback-core class from polymorphic deserialization. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162849](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162849>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2019-12086](<https://vulners.com/cve/CVE-2019-12086>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a Polymorphic Typing issue that occurs due to missing com.mysql.cj.jdbc.admin.MiniAdmin validation. By sending a specially-crafted JSON message, a remote attacker could exploit this vulnerability to read arbitrary local files on the server. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161256](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161256>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2018-19362](<https://vulners.com/cve/CVE-2018-19362>) \n**DESCRIPTION: **An unspecified error with failure to block the jboss-common-core class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155093](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155093>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n**DESCRIPTION: **An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155092](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155092>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n**DESCRIPTION: **An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155091](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155091>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n**DESCRIPTION: **FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155136>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155137](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155138](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155138>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2018-1000873](<https://vulners.com/cve/CVE-2018-1000873>) \n**DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanoseconds time value field. By persuading a victim to deserialize specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154804](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154804>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2019-4691](<https://vulners.com/cve/CVE-2019-4691>) \n**DESCRIPTION: **IBM Guardium Data Encryption (GDE) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171828](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171828>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2019-4694](<https://vulners.com/cve/CVE-2019-4694>) \n**DESCRIPTION: **IBM Guardium Data Encryption (GDE) contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171832](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171832>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2017-12974](<https://vulners.com/cve/CVE-2017-12974>) \n**DESCRIPTION: **Connect2id Nimbus JOSE+JWT could provide weaker than expected security, caused by proceeding with ECKey construction without ensuring that the public x and y coordinates are on the specified curve. A remote attacker could exploit this vulnerability to conduct an Invalid Curve Attack. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/130788](<https://exchange.xforce.ibmcloud.com/vulnerabilities/130788>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2017-12973](<https://vulners.com/cve/CVE-2017-12973>) \n**DESCRIPTION: **Connect2id Nimbus JOSE+JWT could provide weaker than expected security, caused by proceeding improperly after detection of an invalid HMAC in authenticated AES-CBC decryption. A remote attacker could exploit this vulnerability to conduct a padding oracle attack. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/130789](<https://exchange.xforce.ibmcloud.com/vulnerabilities/130789>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2017-12972](<https://vulners.com/cve/CVE-2017-12972>) \n**DESCRIPTION: **Connect2id Nimbus JOSE+JWT could provide weaker than expected security, caused by the lack of integer-overflow check when converting length values from bytes to bits. A remote attacker could exploit this vulnerability to conduct a HMAC bypass attack. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/130790](<https://exchange.xforce.ibmcloud.com/vulnerabilities/130790>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2019-4699](<https://vulners.com/cve/CVE-2019-4699>) \n**DESCRIPTION: **IBM Guardium Data Encryption (GDE) generates an error message that includes sensitive information about its environment, users, or associated data. \nCVSS Base score: 2.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171931](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171931>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2019-4688](<https://vulners.com/cve/CVE-2019-4688>) \n**DESCRIPTION: **IBM Guardium Data Encryption (GDE) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171825](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171825>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2019-10247](<https://vulners.com/cve/CVE-2019-10247>) \n**DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the DefaultHandler. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160610](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160610>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2019-10241](<https://vulners.com/cve/CVE-2019-10241>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServlet and ResourceHandler. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2018-12536](<https://vulners.com/cve/CVE-2018-12536>) \n**DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted URL request to the java.nio.file.InvalidPathException function using an invalid parameter to cause an error message to be returned containing the full installation path. An attacker could use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145523](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145523>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2017-9735](<https://vulners.com/cve/CVE-2017-9735>) \n**DESCRIPTION: **Jetty could allow a remote attacker to obtain sensitive information, caused by a timing channel flaw in util/security/Password.java. By observing elapsed times before rejection of incorrect passwords, an attacker could exploit this vulnerability to obtain access information. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/127842](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127842>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2017-7658](<https://vulners.com/cve/CVE-2017-7658>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145522](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145522>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2017-7657](<https://vulners.com/cve/CVE-2017-7657>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145521](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145521>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2017-7656](<https://vulners.com/cve/CVE-2017-7656>) \n**DESCRIPTION: **Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2019-10072](<https://vulners.com/cve/CVE-2019-10072>) \n**DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by HTTP/2 connection window exhaustion on write. By failing to send WINDOW_UPDATE messages, a remote attacker could exploit this vulnerability to block threads on the server and cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162806](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162806>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2019-0232](<https://vulners.com/cve/CVE-2019-0232>) \n**DESCRIPTION: **Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by an error in the way JRE passes command-line arguments when enableCmdLineArguments is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159398](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159398>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2019-0221](<https://vulners.com/cve/CVE-2019-0221>) \n**DESCRIPTION: **Apache Tomcat is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the SSI printenv command. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161746](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161746>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2019-0199](<https://vulners.com/cve/CVE-2019-0199>) \n**DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by the acceptance of streams with excessive numbers of SETTINGS frames and the permitting of clients to keep streams open without reading/writing request data by the HTTP/2 implementation. By sending excessive SETTINGS frames, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158637](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158637>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2019-3778](<https://vulners.com/cve/CVE-2019-3778>) \n**DESCRIPTION: **Spring Security OAuth could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in authorization endpoint. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158330](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158330>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2019-11269](<https://vulners.com/cve/CVE-2019-11269>) \n**DESCRIPTION: **Spring Security OAuth could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using redirect_uri parameter in a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162650](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162650>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2019-3795](<https://vulners.com/cve/CVE-2019-3795>) \n**DESCRIPTION: **Pivotal Spring Security could provide weaker than expected security, caused by an insecure randomness flaw when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159543](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159543>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N) \n \n**CVEID: **[CVE-2019-11272](<https://vulners.com/cve/CVE-2019-11272>) \n**DESCRIPTION: **Pivotal Spring Security could allow a remote attacker to bypass security restrictions, caused by a flaw in the PlaintextPasswordEncoder function. By using a password of \"null\", an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166568](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166568>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2018-1258](<https://vulners.com/cve/CVE-2018-1258>) \n**DESCRIPTION: **Pivotal Spring Framework Spring Security could allow a remote attacker to bypass security restrictions. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain unauthorized access to methods that should be restricted. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/143314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/143314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2018-1000613](<https://vulners.com/cve/CVE-2018-1000613>) \n**DESCRIPTION: **Legion of the Bouncy Castle Java Cryptography APIs could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe reflection flaw in XMSS/XMSS^MT private key deserialization. By using specially-crafted private key, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148041](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148041>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2018-5382](<https://vulners.com/cve/CVE-2018-5382>) \n**DESCRIPTION: **Bouncy Castle could allow a local attacker to obtain sensitive information, caused by an error in the BKS version 1 keystore files. By utilizing an HMAC that is only 16 bits long for the MAC key size, an attacker could exploit this vulnerability using brute-force techniques to crack a BKS-V1 keystore file in seconds and gain access to the keystore contents. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/140465](<https://exchange.xforce.ibmcloud.com/vulnerabilities/140465>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2016-1000346](<https://vulners.com/cve/CVE-2016-1000346>) \n**DESCRIPTION: **Bouncy Castle JCE Provider could allow a remote attacker to obtain sensitive information, caused by a flaw in the other party DH public key. A remote attacker could exploit this vulnerability to reveal details via invalid keys. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151807](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151807>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2016-1000345](<https://vulners.com/cve/CVE-2016-1000345>) \n**DESCRIPTION: **Bouncy Castle JCE Provider could provide weaker than expected security, caused by an environment where timings can be easily observed. A remote attacker could exploit this vulnerability to conduct a padding oracle attack. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151808](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151808>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2016-1000344](<https://vulners.com/cve/CVE-2016-1000344>) \n**DESCRIPTION: **Bouncy Castle JCE Provider could provide weaker than expected security, caused by a flaw in the DHIES implementation. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151809](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151809>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2016-1000343](<https://vulners.com/cve/CVE-2016-1000343>) \n**DESCRIPTION: **Bouncy Castle JCE Provider could provide weaker than expected security, caused by a flaw in the DSA key pair generator. A remote attacker could exploit this vulnerability to launch further attacks. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151810](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151810>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2016-1000342](<https://vulners.com/cve/CVE-2016-1000342>) \n**DESCRIPTION: **Bouncy Castle JCE Provider could provide weaker than expected security, caused by improper validation of ASN.1 encoding of signature in the ECDSA. A remote attacker could exploit this vulnerability to launch further attacks. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151811](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151811>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2016-1000341](<https://vulners.com/cve/CVE-2016-1000341>) \n**DESCRIPTION: **Bouncy Castle JCE Provider could provide weaker than expected security, caused by a flaw in the DSA signature generation. A remote attacker could exploit this vulnerability to launch timing attacks. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151812](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151812>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2018-1000180](<https://vulners.com/cve/CVE-2018-1000180>) \n**DESCRIPTION: **Bouncy Castle could provide weaker than expected security, caused by an error in the Low-level interface to RSA key pair generator. The RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. An attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144810](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144810>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2016-1000339](<https://vulners.com/cve/CVE-2016-1000339>) \n**DESCRIPTION: **Bouncy Castle JCE Provider could allow a remote attacker to obtain sensitive information, caused by a flaw in the AESEngine. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151814](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151814>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2016-1000338](<https://vulners.com/cve/CVE-2016-1000338>) \n**DESCRIPTION: **Bouncy Castle JCE Provider could provide weaker than expected security, caused by improper validation of ASN.1 encoding of signature in the DSA. A remote attacker could exploit this vulnerability to launch further attacks. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151815](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151815>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2015-7940](<https://vulners.com/cve/CVE-2015-7940>) \n**DESCRIPTION: **Bouncy Castle could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability using an invalid curve attack to extract private keys used in elliptic curve cryptography and obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107739](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107739>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2013-1624](<https://vulners.com/cve/CVE-2013-1624>) \n**DESCRIPTION: **Bouncy Castle could allow a remote attacker to obtain sensitive information, caused by the exposure of timing differences during padding check verification by the CBC ciphersuite of the Transport Layer Security (TLS) implementation. An attacker could exploit this vulnerability using a timing attack to recover the original plaintext and obtain sensitive information. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/81910](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81910>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n**CVEID: **[CVE-2017-13098](<https://vulners.com/cve/CVE-2017-13098>) \n**DESCRIPTION: **Bouncy Castle could allow a remote attacker to obtain sensitive information, caused by an RSA Adaptive Chosen Ciphertext (Bleichenbacher) attack. By utilizing discrepancies in TLS error messages, an attacker could exploit this vulnerability to obtain the data in the encrypted messages once the TLS session has completed. Note: This vulnerability is also known as the ROBOT attack. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/136241](<https://exchange.xforce.ibmcloud.com/vulnerabilities/136241>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2019-4689](<https://vulners.com/cve/CVE-2019-4689>) \n**DESCRIPTION: **IBM Guardium Data Encryption (GDE) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171826](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171826>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2016-6497](<https://vulners.com/cve/CVE-2016-6497>) \n**DESCRIPTION: **Apache could allow a remote attacker to execute arbitrary code on the system, caused by a LDAP entry poisoning vulnerability in main/java/org/apache/directory/groovyldap/LDAP.java. By leveraging setting returnObjFlag to true for all search methods, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/125218](<https://exchange.xforce.ibmcloud.com/vulnerabilities/125218>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2018-10237](<https://vulners.com/cve/CVE-2018-10237>) \n**DESCRIPTION: **Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and CompoundOrdering class. By sending a specially-crafted data, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142508](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142508>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2018-1000850](<https://vulners.com/cve/CVE-2018-1000850>) \n**DESCRIPTION: **Square Retrofit could allow a remote attacker to traverse directories on the system, caused by improper input validation by the RequestBuilder class. An attacker could send a specially-crafted URL request to containing \"dot dot\" sequences (/../) to add or delete arbitrary files on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154507](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154507>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2019-4686](<https://vulners.com/cve/CVE-2019-4686>) \n**DESCRIPTION: **IBM Guardium Data Encryption (GDE) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171822](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171822>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nGDE | 3.0.0.2 \n \n## Remediation/Fixes\n\nProduct(s) | Fixed Version \n---|--- \nGDE | [4.0.0.3](<https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=9269c25b1b795410f2888739cd4bcb16> \"4.0.0.0\" ) \n \n## Workarounds and Mitigations\n\nAffected Component | Fixed Version \n---|--- \nIBM Guardium for Cloud Key Management (GCKM) | GCKM 1.7.0 \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-08-24T10:03:43", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1624", "CVE-2015-7940", "CVE-2016-1000338", "CVE-2016-1000339", "CVE-2016-1000341", "CVE-2016-1000342", "CVE-2016-1000343", "CVE-2016-1000344", "CVE-2016-1000345", "CVE-2016-1000346", "CVE-2016-6497", "CVE-2017-12972", "CVE-2017-12973", "CVE-2017-12974", "CVE-2017-13098", "CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2017-9735", "CVE-2018-1000180", "CVE-2018-1000613", "CVE-2018-1000850", "CVE-2018-1000873", "CVE-2018-10237", "CVE-2018-12536", "CVE-2018-1258", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-5382", "CVE-2019-0199", "CVE-2019-0221", "CVE-2019-0232", "CVE-2019-10072", "CVE-2019-10241", "CVE-2019-10247", "CVE-2019-11269", "CVE-2019-11272", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-3778", "CVE-2019-3795", "CVE-2019-4686", "CVE-2019-4688", "CVE-2019-4689", "CVE-2019-4691", "CVE-2019-4694", "CVE-2019-4697", "CVE-2019-4699"], "modified": "2020-08-24T10:03:43", "id": "B236D3400A0C6106EC62C77931DC3654EEBAB6EEA563B3344ECFF477FD634E81", "href": "https://www.ibm.com/support/pages/node/6320835", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-28T01:56:07", "description": "## Summary\n\nMultiple vulnerabilities in dependent libraries affect IBM\u00ae Db2\u00ae leading to denial of service or privilege escalation.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2014-3577](<https://vulners.com/cve/CVE-2014-3577>) \n** DESCRIPTION: **Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/95327](<https://exchange.xforce.ibmcloud.com/vulnerabilities/95327>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2020-27216](<https://vulners.com/cve/CVE-2020-27216>) \n** DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2015-5237](<https://vulners.com/cve/CVE-2015-5237>) \n** DESCRIPTION: **Google Protocol Buffers could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in MessageLite::SerializeToString. A remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/105989](<https://exchange.xforce.ibmcloud.com/vulnerabilities/105989>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-11765](<https://vulners.com/cve/CVE-2018-11765>) \n** DESCRIPTION: **Apache Hadoop could allow a remote attacker to obtain sensitive information, caused by a flaw in Web interfaces when Kerberos authentication is enabled and SPNEGO through HTTP is disabled. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to access some servlets without authentication. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188908](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188908>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-11612](<https://vulners.com/cve/CVE-2020-11612>) \n** DESCRIPTION: **Netty is vulnerable to a denial of service, caused by unbounded memory allocation while decoding a ZlibEncoded byte stream in the ZlibDecoders. By sending a large ZlibEncoded byte stream, a remote attacker could exploit this vulnerability to exhaust memory resources. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180530](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180530>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-18640](<https://vulners.com/cve/CVE-2017-18640>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by an entity expansion in Alias feature during a load operation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174331](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174331>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-7238](<https://vulners.com/cve/CVE-2020-7238>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling Transfer-Encoding whitespace and a later Content-Length header. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175398](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175398>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-8088](<https://vulners.com/cve/CVE-2018-8088>) \n** DESCRIPTION: **SLF4J could allow a remote attacker to bypass security restrictions, caused by an error in org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH. By sending specially-crafted data, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/140573](<https://exchange.xforce.ibmcloud.com/vulnerabilities/140573>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-9489](<https://vulners.com/cve/CVE-2020-9489>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by an out of memory error and infinite loop flaw in the ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180712](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180712>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-5262](<https://vulners.com/cve/CVE-2020-5262>) \n** DESCRIPTION: **EasyBuild could allow a remote attacker to obtain sensitive information, caused by storing sensitive information in debug log files. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178229](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178229>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAll fix pack levels of IBM Db2 V11.1, and V11.5 editions on all platforms are affected.\n\n \n\n\n## Remediation/Fixes\n\nCustomers running any vulnerable fixpack level of an affected Program, V11.1 and V11.5, can download the special build containing the interim fix for this issue from Fix Central. These special builds are available based on the most recent fixpack level for each impacted release: V11.1.4 FP6, and V11.5.5. They can be applied to any affected fixpack level of the appropriate release to remediate this vulnerability. \n\n \n\n\n**Release**| **Fixed in fix pack**| **APAR**| **Download URL** \n---|---|---|--- \nV11.1| TBD| [IT36439](<https://www.ibm.com/support/pages/apar/IT36439> \"IT36439\" )| Special Build for V11.1 FP6: \n\n[AIX 64-bit](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2&release=All&platform=All&function=fixId&fixids=special_40812_DB2-aix64-universal_fixpack-11.1.4.6-FP006%3A193603019557308288&includeSupersedes=0> \"AIX 64-bit\" ) \n[Linux 32-bit, x86-32](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/IBM+Data+Server+Client+Packages&release=All&platform=All&function=fixId&fixids=special_40812_DSClients-linuxia32-client-11.1.4.6-FP006%3A516426185835302336&includeSupersedes=0> \"Linux 32-bit, x86-32\" ) \n[Linux 64-bit, x86-64](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2&release=All&platform=All&function=fixId&fixids=special_40812_DB2-linuxx64-universal_fixpack-11.1.4.6-FP006%3A731836679439432832&includeSupersedes=0> \"Linux 64-bit, x86-64\" ) \n[Linux 64-bit, POWER\u2122 little endian](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2&release=All&platform=All&function=fixId&fixids=special_40812_DB2-linuxppc64le-universal_fixpack-11.1.4.6-FP006%3A225264975099763520&includeSupersedes=0> \"Linux 64-bit, POWER\u2122 little endian\" ) \n[Linux 64-bit, System z\u00ae, System z9\u00ae or zSeries\u00ae](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2&release=All&platform=All&function=fixId&fixids=special_40812_DB2-linux390x64-universal_fixpack-11.1.4.6-FP006%3A187770383869384384&includeSupersedes=0> \"Linux 64-bit, System z\u00ae, System z9\u00ae or zSeries\u00ae\" ) \n[Solaris 64-bit, SPARC](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2&release=All&platform=All&function=fixId&fixids=special_40812_DB2-sun64-universal_fixpack-11.1.4.6-FP006%3A992367376857076352&includeSupersedes=0> \"Solaris 64-bit, SPARC\" ) \n[Windows 32-bit, x86](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/IBM+Data+Server+Client+Packages&release=All&platform=All&function=fixId&fixids=special_40812_DSClients-nt32-client-11.1.4060.1324-FP006%3A857683489424729088&includeSupersedes=0> \"Windows 32-bit, x86\" ) \n[Windows 64-bit, x86](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2&release=All&platform=All&function=fixId&fixids=special_40812_DB2-ntx64-universal_fixpack-11.1.4060.1324-FP006%3A798170719639073920&includeSupersedes=0> \"Windows 64-bit, x86\" ) \n \nV11.5| v11.5.6| [IT36413](<https://www.ibm.com/support/pages/apar/IT36413> \"IT36413\" )| <https://www.ibm.com/support/pages/node/6465915> \n \n \n\n\n \n\n\n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-23T18:01:11", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in dependent libraries affect IBM\u00ae Db2\u00ae leading to denial of service or privilege escalation.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3577", "CVE-2015-5237", "CVE-2017-18640", "CVE-2018-11765", "CVE-2018-8088", "CVE-2020-11612", "CVE-2020-27216", "CVE-2020-5262", "CVE-2020-7238", "CVE-2020-9488", "CVE-2020-9489"], "modified": "2021-06-23T18:01:11", "id": "026861C8F37CB442AEB06F08CB67784AB6226E1C2C5830E2D4227D71E9453C5B", "href": "https://www.ibm.com/support/pages/node/6466365", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-30T21:39:51", "description": "## Question\n\nIs there a list of security bulletins that describe resolved vulnerabilities affecting Log Analysis?\n\n## Answer\n\nLog Analysis is made up of several [components](<https://www.ibm.com/docs/en/oala/1.3.7?topic=analysis-architecture>). The following table contains security bulletins that address the vulnerability of various\n\ncomponents in Log Analysis, listed by release.\n\nVersion | CVE No. | Component | Vulnerability Description \n---|---|---|--- \n1.3.7 IF001 | Internal Vulnerability | Log Analysis | CSRFToken is not validated or updated on logout and login \nThe CSRFToken is not validated or updated on each logout and login by Log Analysis. Token value remains the same for all the logins and active sessions until users close the browser. \n1.3.7 IF001 | Internal Vulnerability | Log Analysis | Log Analysis Help pages are vulnerable to Clickjacking \nX-frame-Option header was implemented for Log Analysis application. However this was not implemented for Log Analysis help pages to prevent Clickjacking. \n1.3.7 | CVE-2017-1000190 | Apache Solr | [Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2017-1000190)](<https://www.ibm.com/support/pages/node/6446147>) \n1.3.7 | CVE-2020-11620 \nCVE-2020-10969 \nCVE-2020-14062 \nCVE-2020-14060 \nCVE-2020-11112 \nCVE-2020-10968 \nCVE-2020-10672 \nCVE-2020-9548 \nCVE-2020-9546 \nCVE-2020-11619 \nCVE-2020-11111 \nCVE-2020-14195 \nCVE-2020-14061 \nCVE-2020-11113 \nCVE-2020-9547 \nCVE-2020-10673 \nCVE-2019-10202 \nCVE-2019-17531 \nCVE-2019-14893 \nCVE-2020-8840 \nCVE-2019-10172 | Apache Solr | [Security Bulletin: Series of vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis](<https://www.ibm.com/support/pages/node/6446143>) \n1.3.7 | CVE-2019-17558 | Apache Solr | [Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2019-17558)](<https://www.ibm.com/support/pages/node/6445363>) \n1.3.7 | CVE-2014-3643 | Apache Zookeeper | [Security Bulletin: Vulnerability in jersey affect Apache Zookeeper shipped with IBM Operations Analytics - Log Analysis (CVE-2014-3643)](<https://www.ibm.com/support/pages/node/6445361>) \n1.3.7 | CVE-2015-5237 | Apache Solr | [Security Bulletin: protobuf Vulnerability in Apache Solr affect IBM Operations Analytics - Log Analysis Analysis (CVE-2015-5237)](<https://www.ibm.com/support/pages/node/6445359>) \n1.3.7 | CVE-2019-10246 \nCVE-2019-10247 \nCVE-2019-10241 | Apache Solr | [Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect Apache Solr shipped with IBM Operations Analytics - Log Analysis](<https://www.ibm.com/support/pages/node/6445357>) \n1.3.7 | CVE-2020-1945 | Apache Ant | [Security Bulletin: Vulnerability in Apache Ant affect IBM Operations Analytics - Log Analysis Analysis (CVE-2020-1945)](<https://www.ibm.com/support/pages/node/6445355>) \n1.3.7 | CVE-2019-17359 | Apache Solr | [Security Bulletin: Vulnerability in Bouncy Castle affect Apache Solr shipped IBM Operations Analytics - Log Analysis Analysis (CVE-2019-17359)](<https://www.ibm.com/support/pages/node/6444781>) \n1.3.7 | CVE-2019-12402 | Apache Solr | [Security Bulletin: Vulnerability in Apache Commons Compress affect Apache Solr shipped IBM Operations Analytics - Log Analysis Analysis (CVE-2019-12402)](<https://www.ibm.com/support/pages/node/6444777>) \n1.3.7 | CVE-2018-11766 \nCVE-2017-15713 | Apache Solr | [Security Bulletin: Multiple vulnerabilities in Apache Hadoop affect Apache Solr shipped with IBM Operations Analytics - Log Analysis](<https://www.ibm.com/support/pages/node/6444773>) \n1.3.7 | CVE-2019-0201 | Apache Zookeeper | [Security Bulletin: IBM Operations Analytics - Log Analysis is affected by an Apache Zookeeper vulnerability (CVE-2019-0201)](<https://www.ibm.com/support/pages/node/6444771>) \n1.3.7 | CVE-2018-11768 | Apache Solr | [Security Bulletin: Vulnerability in Apache Hadoop affect Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2018-11768)](<https://www.ibm.com/support/pages/node/6444767>) \n1.3.7 | CVE-2019-12415 | Apache Solr | [Security Bulletin: Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to vulnerability in Apache POI (CVE-2019-12415)](<https://www.ibm.com/support/pages/node/6444763>) \n1.3.7 | CVE-2019-0228 | Apache Solr | [Security Bulletin: Vulnerability in Apache PDFBox affect Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2019-0228)](<https://www.ibm.com/support/pages/node/6444757>) \n \n1.3.7 | CVE-2018-1000613 \nCVE-2016-1000342 \nCVE-2016-1000344 \nCVE-2016-1000345 \nCVE-2016-1000339 \nCVE-2016-1000346 \nCVE-2016-1000338 \nCVE-2016-1000343 \nCVE-2016-1000340 \nCVE-2016-1000352 \nCVE-2015-6644 \nCVE-2016-1000341 \nCVE-2018-1000180 | Apache Solr | \n\n[Security Bulletin: Multiple vulnerabilities in Bouncy Castle affects Apache Solr shipped with IBM Operations Analytics - Log Analysis](<https://www.ibm.com/support/pages/node/6444097>) \n \n \n1.3.7 | CVE-2018-14718 \nCVE-2018-14719 \nCVE-2018-19362 \nCVE-2018-14721 \nCVE-2018-11307 \nCVE-2019-16335 \nCVE-2018-19361 \nCVE-2018-14720 \nCVE-2018-19360 \nCVE-2019-14540 \nCVE-2019-14379 \nCVE-2018-12023 \nCVE-2019-14439 \nCVE-2019-12814 \nCVE-2018-12022 \nCVE-2018-5968 \nCVE-2019-12384 \nCVE-2019-12086 | Apache Solr | \n\n[Security Bulletin: Multiple vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis](<https://www.ibm.com/support/pages/node/6444089>) \n \n \n1.3.7 | Internal Vulnerability | Apache Solr | Vulnerabilities from Apache Commons Fileupload: Apache Solr (Lucene) \nThe class FileUploadBase in Apache Commons Fileupload before 1.4 has potential resource leak - InputStream not closed on exception. \n1.3.7 | Internal Vulnerability | Apache Solr, \nLog Analysis | [Apache Solr (Lucene) and Unity are vulnerable to Apache commons-codec](<https://github.com/apache/commons-codec/commit/48b615756d1d770091ea3322eefc08011ee8b>) \n \n1.3.7 | CVE-2013-4002 \nCVE-2012-0881 \nCVE-2009-2625 | Apache Solr | [Security Bulletin: Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to multiple vulnerabilities in Apache Xerces2](<https://www.ibm.com/support/pages/node/6444043>) \n1.3.7 | CVE-2018-10237 | Apache Solr | [Security Bulletin: A vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis Analysis (CVE-2018-10237)](<https://www.ibm.com/support/pages/node/6444041>) \n1.3.7 | CVE-2018-1000632 | Apache Solr | [Security Bulletin: dom4j Vulnerability in Apache Solr shipped with IBM Operations Analytics - Log Analysis Analysis (CVE-2018-1000632)](<https://www.ibm.com/support/pages/node/6444035>) \n1.3.7 | CVE-2018-11761 \nCVE-2018-17197 \nCVE-2019-10088 \nCVE-2019-10094 \nCVE-2018-11796 | Apache Solr | [Security Bulletin: Multiple vulnerabilities in Apache Tika affects Apache Solr shipped with IBM Operations Analytics - Log Analysis](<https://www.ibm.com/support/pages/node/6444033>) \n \n1.3.7 | CVE-2018-8017 | Apache Solr | [Security Bulletin: Vulnerability with Apache Tika in Apache Solr affects IBM Operations Analytics - Log Analysis Analysis (CVE-2018-8017)](<https://www.ibm.com/support/pages/node/6444031>) \n1.3.7 | CVE-2018-11797 | Apache Solr | [Security Bulletin: Vulnerability in Apache PDFBox affect Apache Solr shipped IBM Operations Analytics - Log Analysis Analysis (CVE-2018-11797)](<https://www.ibm.com/support/pages/node/6443675>) \n1.3.7 | CVE-2018-8036 | Apache Solr | [Security Bulletin: Vulnerability in Apache PDFBox affects Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2018-8036)](<https://www.ibm.com/support/pages/node/6443667>) \n1.3.6 FP001 | Internal Vulnerability | Log Analysis | [Security Bulletin: Content Spoofing vulnerability in IBM Operations Analytics - Log Analysis](<https://www.ibm.com/support/pages/node/6242186>) \n1.3.6 FP001 | Internal Vulnerability | Log Analysis | [Security Bulletin: Insecure Path Attribute in IBM Operations Analytics - Log Analysis (CSRFToken , LtpaToken2)](<https://www.ibm.com/support/pages/node/6242190>) \n1.3.6 FP001 | Internal Vulnerability | Log Analysis | [Security Bulletin: Cross site Scripting (Reflected) vulnerability in IBM Operations Analytics - Log Analysis](<https://www.ibm.com/support/pages/node/6242200>) \n1.3.6 FP001 | Internal Vulnerability | Log Analysis | [Security Bulletin: Host Header Injection vulnerability in IBM Operations Analytics - Log Analysis (pre-login scenario)](<https://www.ibm.com/support/pages/node/6242210>) \n1.3.6 FP001 | CVE-2017-3164 | Apache Solr | [Security Bulletin: Potential vulnerability (SSRF) in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2017-3164)](<https://www.ibm.com/support/pages/security-bulletin-potential-vulnerability-ssrf-apache-solr-affect-ibm-operations-analytics-log-analysis-cve-2017-3164-0>) \n1.3.6 IF001 | Internal Vulnerability | Log Analysis | [Security Bulletin: Query Parameter in SSL vulnerability in IBM Operations Analytics - Log Analysis](<https://www.ibm.com/support/pages/node/6324045>) \n1.3.6 | CVE-2019-4216 | WebSphere Application Server Liberty | [Security Bulletin: IBM Operations Analytics - Log Analysis is vulnerable to potential Host Header Injection (CVE-2019-4216)](<https://www.ibm.com/support/pages/node/1109745>) \n1.3.6 | CVE-2019-4243 | Apache Solr | [Security Bulletin: A vulnerability in Apache Solr (Lucene) affects IBM Operations Analytics - Log Analysis (CVE-2019-4243)](<https://www.ibm.com/support/pages/node/1109721>) \n1.3.6 | CVE-2019-4215 | WebSphere Application Server Liberty | [Security Bulletin: Clickjacking vulnerability in IBM Operations Analytics - Log Analysis (CVE-2019-4215)](<https://www.ibm.com/support/pages/node/1109769>) \n1.3.6 | CVE-2019-4214 | WebSphere Application Server Liberty | [Security Bulletin: Log Analysis is vulnerable to a client side scripting attack due to missing HTTPOnly and Secure attribute in the cookie](<https://www.ibm.com/support/pages/node/1110171>) \n1.3.6 | CVE-2019-4244 | Apache Zookeeper | [Security Bulletin: IBM Operations Analytics - Log Analysis is affected by an Apache Zookeeper vulnerability (CVE-2019-4244)](<https://www.ibm.com/support/pages/node/1127523>) \n \n1.3.6 | Internal Vulnerability | Log Analysis | [Security Bulletin: Log Analysis is vulnerable to Injection Attacks](<https://www.ibm.com/support/pages/node/6155553>) \n1.3.6 | CVE-2020-13957 | Apache Solr | [Security Bulletin: Vulnerability related to unauthenticated uploads in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2020-13957)](<https://www.ibm.com/support/pages/node/6359003>) \n \n1.3.5 FP003 | CVE-2019-0192 | Apache Solr | [Security Bulletin: Potential vulnerability related to Unsafe Deserialization in Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2019-0192)](<https://www.ibm.com/support/pages/security-bulletin-potential-vulnerability-related-unsafe-deserialization-apache-solr-shipped-ibm-operations-analytics-log-analysis-cve-2019-0192>) \n \nThis table contains a list of vulnerabilities that were resolved by the respective version of the component.\n\nAffected Log Analysis Version | CVE No. | Component | Vulnerability Description \n---|---|---|--- \n1.3.5FP3 1.3.6 1.3.6FP1 | CVE-2020-4590 | WebSphere Application Server Liberty | [Security Bulletin: Vulnerability in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2020-4590)](<https://www.ibm.com/support/pages/node/6340079>) \n \n1.3.1\n\n1.3.2\n\n1.3.3\n\n1.3.4\n\n1.3.5\n\n| CVE-2019-4046 | WebSphere Application Server Liberty | [Security Bulletin: Potential denial of service vulnerability in WebSphere Application Server affect IBM Operations Analytics - Log Analysis (CVE-2019-4046)](<https://www.ibm.com/support/pages/node/882870>) \n \n1.3.1\n\n1.3.2\n\n1.3.3\n\n1.3.4\n\n1.3.5FP1\n\n1.3.5FP2\n\n| CVE-2018-10237 | WebSphere Application Server Liberty | [Security Bulletin: Potential denial of service in WebSphere Application Server shipped with IBM Operations Analytics - Log Analysis (CVE-2018-10237)](<https://www.ibm.com/support/pages/security-bulletin-potential-denial-service-websphere-application-server-shipped-ibm-operations-analytics-log-analysis-cve-2018-10237?lnk=hm>) \n1.3.5 | CVE-2017-12624 | WebSphere Application Server Liberty | [Security Bulletin: Denial of Service in Apache CXF used by WebSphere Application Server affect IBM Operations Analytics - Log Analysis (CVE-2017-12624)](<https://www.ibm.com/support/pages/security-bulletin-denial-service-apache-cxf-used-websphere-application-server-affect-ibm-operations-analytics-log-analysis-cve-2017-12624>) \n \n1.3.1\n\n1.3.2\n\n1.3.3\n\n1.3.4\n\n1.3.5\n\n| CVE-2018-1447 \nCVE-2018-1388 \nCVE-2016-0702 \nCVE-2016-0705 \nCVE-2017-3732 \nCVE-2017-3736 \nCVE-2018-1428 \nCVE-2018-1427 \nCVE-2018-1426 | IBM Tivoli \nMonitoring | [Security Bulletin: Multiple vulnerabilities affect the GSKit component of IBM Tivoli Monitoring shipped with IBM Operations Analytics - Log Analysis](<https://www.ibm.com/support/pages/security-bulletin-multiple-vulnerabilities-affect-gskit-component-ibm-tivoli-monitoring-shipped-ibm-operations-analytics-log-analysis>) \n1.3.5 | CVE-2018-1683 | WebSphere Application Server Liberty | [Security Bulletin: Information disclosure in WebSphere Application Server Liberty bundled with IBM Operations Analytics - Log Analysis (CVE-2018-1683)](<https://www.ibm.com/support/pages/security-bulletin-information-disclosure-websphere-application-server-liberty-bundled-ibm-operations-analytics-log-analysis-cve-2018-1683>) \n1.3.5 | CVE-2018-8039 | WebSphere Application Server Liberty | [Security Bulletin: Potential MITM attack in Apache CXF used by WebSphere Application Server affects IBM Operations Analytics - Log Analysis (CVE-2018-8039)](<https://www.ibm.com/support/pages/security-bulletin-potential-mitm-attack-apache-cxf-used-websphere-application-server-affects-ibm-operations-analytics-log-analysis-cve-2018-8039>) \n \n1.3.1\n\n1.3.2\n\n1.3.3\n\n1.3.4\n\n1.3.5\n\n| CVE-2018-1901 | WebSphere Application Server Liberty | [Security Bulletin: Potential Privilege Escalation Vulnerability in WebSphere Application Server shipped with IBM Operations Analytics - Log Analysis (CVE-2018-1901)](<https://www.ibm.com/support/pages/security-bulletin-potential-privilege-escalation-vulnerability-websphere-application-server-shipped-ibm-operations-analytics-log-analysis-cve-2018-1901>) \n \n1.3.5 | CVE-2018-1553 | WebSphere Application Server Liberty | [Security Bulletin: Information disclosure in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2018-1553)](<https://www.ibm.com/support/pages/security-bulletin-information-disclosure-websphere-application-server-liberty-affect-ibm-operations-analytics-log-analysis-cve-2018-1553>) \n \n1.3.4\n\n1.3.5\n\n| CVE-2014-7810 | WebSphere Application Server Liberty | [Security Bulletin: Vulnerability in Expression Language library used by WebSphere Application Server shipped with IBM Operations Analytics - Log Analysis (CVE-2014-7810)](<https://www.ibm.com/support/pages/security-bulletin-vulnerability-expression-language-library-used-websphere-application-server-shipped-ibm-operations-analytics-log-analysis-cve-2014-7810>) \n1.3.5 | CVE-2018-1851 | WebSphere Application Server Liberty | [Security Bulletin: Code execution vulnerability with OpenID connect in WebSphere Application Server Liberty affects IBM Operations Analytics - Log Analysis (CVE-2018-1851)](<https://www.ibm.com/support/pages/security-bulletin-code-execution-vulnerability-openid-connect-websphere-application-server-liberty-affects-ibm-operations-analytics-log-analysis-cve-2018-1851>) \n \n1.3.1\n\n1.3.2\n\n1.3.3\n\n1.3.4\n\n1.3.5\n\n| CVE-2018-1755 | WebSphere Application Server Liberty | [Security Bulletin: Information disclosure in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2018-1755)](<https://www.ibm.com/support/pages/node/792677>) \n \n[{\"Type\":\"MASTER\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud &amp; Data Platform\"},\"Product\":{\"code\":\"SSPFMY\",\"label\":\"IBM Operations Analytics - Log Analysis\"},\"ARM Category\":[{\"code\":\"a8m50000000L0qYAAS\",\"label\":\"Log Analysis\"},{\"code\":\"a8m50000000CcMiAAK\",\"label\":\"Log Analysis-&gt;Framework-&gt;Security - Vulnerabilities\"}],\"ARM Case Number\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2021-09-01T11:04:11", "type": "ibm", "title": "Log Analysis Security Bulletin List", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2625", "CVE-2012-0881", "CVE-2013-4002", "CVE-2014-3643", "CVE-2014-7810", "CVE-2015-5237", "CVE-2015-6644", "CVE-2016-0702", "CVE-2016-0705", "CVE-2016-1000338", "CVE-2016-1000339", "CVE-2016-1000340", "CVE-2016-1000341", "CVE-2016-1000342", "CVE-2016-1000343", "CVE-2016-1000344", "CVE-2016-1000345", "CVE-2016-1000346", "CVE-2016-1000352", "CVE-2017-1000190", "CVE-2017-12624", "CVE-2017-15713", "CVE-2017-3164", "CVE-2017-3732", "CVE-2017-3736", "CVE-2018-1000180", "CVE-2018-1000613", "CVE-2018-1000632", "CVE-2018-10237", "CVE-2018-11307", "CVE-2018-11761", "CVE-2018-11766", "CVE-2018-11768", "CVE-2018-11796", "CVE-2018-11797", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-1388", "CVE-2018-1426", "CVE-2018-1427", "CVE-2018-1428", "CVE-2018-1447", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-1553", "CVE-2018-1683", "CVE-2018-17197", "CVE-2018-1755", "CVE-2018-1851", "CVE-2018-1901", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-5968", "CVE-2018-8017", "CVE-2018-8036", "CVE-2018-8039", "CVE-2019-0192", "CVE-2019-0201", "CVE-2019-0228", "CVE-2019-10088", "CVE-2019-10094", "CVE-2019-10172", "CVE-2019-10202", "CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14439", "CVE-2019-14540", "CVE-2019-14893", "CVE-2019-16335", "CVE-2019-17359", "CVE-2019-17531", "CVE-2019-17558", "CVE-2019-4046", "CVE-2019-4214", "CVE-2019-4215", "CVE-2019-4216", "CVE-2019-4243", "CVE-2019-4244", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-13957", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-1945", "CVE-2020-4590", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2021-09-01T11:04:11", "id": "E298AFAE6C10545EEFE2EDCB1E58ACEB81769C82FC173BB89206A046496B5501", "href": "https://www.ibm.com/support/pages/node/6483079", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2022-02-16T11:35:37", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4949-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nAugust 04, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : jetty9\nCVE ID : CVE-2019-10241 CVE-2019-10247 CVE-2020-27216 CVE-2020-27223 \n CVE-2020-28165 CVE-2020-28169 CVE-2021-34428\n\nMultiple vulnerabilities were discovered in Jetty, a Java servlet engine\nand webserver which could result in cross-site scripting, information\ndisclosure, privilege escalation or denial of service.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 9.4.16-0+deb10u1.\n\nWe recommend that you upgrade your jetty9 packages.\n\nFor the detailed security status of jetty9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/jetty9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-08-04T21:52:09", "type": "debian", "title": "[SECURITY] [DSA 4949-1] jetty9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241", "CVE-2019-10247", "CVE-2020-27216", "CVE-2020-27223", "CVE-2020-28165", "CVE-2020-28169", "CVE-2021-34428"], "modified": "2021-08-04T21:52:09", "id": "DEBIAN:DSA-4949-1:1212B", "href": "https://lists.debian.org/debian-security-announce/2021/msg00132.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-19T05:11:33", "description": "Package : jetty8\nVersion : 8.1.3-4+deb7u1\nCVE ID : CVE-2017-9735\nDebian Bug : 864898\n\nIt was discovered that Jetty8, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n8.1.3-4+deb7u1.\n\nWe recommend that you upgrade your jetty8 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-07-11T11:02:43", "type": "debian", "title": "[SECURITY] [DLA 1021-1] jetty8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2017-07-11T11:02:43", "id": "DEBIAN:DLA-1021-1:8BAEA", "href": "https://lists.debian.org/debian-lts-announce/2017/07/msg00013.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-24T05:28:46", "description": "Package : jetty\nVersion : 6.1.26-1+deb7u1\nCVE ID : CVE-2017-9735\nDebian Bug : 864898\n\nIt was discovered that Jetty, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n6.1.26-1+deb7u1.\n\nWe recommend that you upgrade your jetty packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-07-09T22:49:56", "type": "debian", "title": "[SECURITY] [DLA 1020-1] jetty security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2017-07-09T22:49:56", "id": "DEBIAN:DLA-1020-1:D77C3", "href": "https://lists.debian.org/debian-lts-announce/2017/07/msg00012.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-23T21:29:11", "description": "Package : jetty\nVersion : 6.1.26-1+deb7u1\nCVE ID : CVE-2017-9735\nDebian Bug : 864898\n\nIt was discovered that Jetty, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n6.1.26-1+deb7u1.\n\nWe recommend that you upgrade your jetty packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-07-09T22:49:56", "type": "debian", "title": "[SECURITY] [DLA 1020-1] jetty security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2017-07-09T22:49:56", "id": "DEBIAN:DLA-1020-1:153AB", "href": "https://lists.debian.org/debian-lts-announce/2017/07/msg00012.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-23T21:29:13", "description": "Package : jetty8\nVersion : 8.1.3-4+deb7u1\nCVE ID : CVE-2017-9735\nDebian Bug : 864898\n\nIt was discovered that Jetty8, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n8.1.3-4+deb7u1.\n\nWe recommend that you upgrade your jetty8 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-07-11T11:02:43", "type": "debian", "title": "[SECURITY] [DLA 1021-1] jetty8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2017-07-11T11:02:43", "id": "DEBIAN:DLA-1021-1:3F138", "href": "https://lists.debian.org/debian-lts-announce/2017/07/msg00013.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2023-03-01T06:06:44", "description": "In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-27T17:29:00", "type": "debiancve", "title": "CVE-2018-12536", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12536"], "modified": "2018-06-27T17:29:00", "id": "DEBIANCVE:CVE-2018-12536", "href": "https://security-tracker.debian.org/tracker/CVE-2018-12536", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-01T06:06:44", "description": "In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2019-04-22T20:29:00", "type": "debiancve", "title": "CVE-2019-10241", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241"], "modified": "2019-04-22T20:29:00", "id": "DEBIANCVE:CVE-2019-10241", "href": "https://security-tracker.debian.org/tracker/CVE-2019-10241", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-01T06:06:44", "description": "In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-04-22T20:29:00", "type": "debiancve", "title": "CVE-2019-10247", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10247"], "modified": "2019-04-22T20:29:00", "id": "DEBIANCVE:CVE-2019-10247", "href": "https://security-tracker.debian.org/tracker/CVE-2019-10247", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-01T06:06:44", "description": "Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-06-16T21:29:00", "type": "debiancve", "title": "CVE-2017-9735", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2017-06-16T21:29:00", "id": "DEBIANCVE:CVE-2017-9735", "href": "https://security-tracker.debian.org/tracker/CVE-2017-9735", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-01T06:06:44", "description": "In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-23T13:15:00", "type": "debiancve", "title": "CVE-2020-27216", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2020-10-23T13:15:00", "id": "DEBIANCVE:CVE-2020-27216", "href": "https://security-tracker.debian.org/tracker/CVE-2020-27216", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2023-01-27T14:08:40", "description": "In Eclipse Jetty Server, all 9.x versions, on webapps deployed using\ndefault Error Handling, when an intentionally bad query arrives that\ndoesn't match a dynamic url-pattern, and is eventually handled by the\nDefaultServlet's static file serving, the bad characters can trigger a\njava.nio.file.InvalidPathException which includes the full path to the base\nresource directory that the DefaultServlet and/or webapp is using. If this\nInvalidPathException is then handled by the default Error Handler, the\nInvalidPathException message is included in the error response, revealing\nthe full server path to the requesting system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-27T00:00:00", "type": "ubuntucve", "title": "CVE-2018-12536", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12536"], "modified": "2018-06-27T00:00:00", "id": "UB:CVE-2018-12536", "href": "https://ubuntu.com/security/CVE-2018-12536", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-27T13:57:41", "description": "In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and\nolder, the server is vulnerable to XSS conditions if a remote client USES a\nspecially formatted URL against the DefaultServlet or ResourceHandler that\nis configured for showing a Listing of directory contents.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2019-04-22T00:00:00", "type": "ubuntucve", "title": "CVE-2019-10241", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241"], "modified": "2019-04-22T00:00:00", "id": "UB:CVE-2019-10241", "href": "https://ubuntu.com/security/CVE-2019-10241", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-27T13:57:40", "description": "In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and\n9.4.16 and older, the server running on any OS and Jetty version\ncombination will reveal the configured fully qualified directory base\nresource location on the output of the 404 error for not finding a Context\nthat matches the requested path. The default server behavior on\njetty-distribution and jetty-home will include at the end of the Handler\ntree a DefaultHandler, which is responsible for reporting this 404 error,\nit presents the various configured contexts as HTML for users to click\nthrough to. This produced HTML includes output that contains the configured\nfully qualified directory base resource location for each context.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-04-22T00:00:00", "type": "ubuntucve", "title": "CVE-2019-10247", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10247"], "modified": "2019-04-22T00:00:00", "id": "UB:CVE-2019-10247", "href": "https://ubuntu.com/security/CVE-2019-10247", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-27T14:27:05", "description": "Jetty through 9.4.x is prone to a timing channel in\nutil/security/Password.java, which makes it easier for remote attackers to\nobtain access by observing elapsed times before rejection of incorrect\npasswords.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864898>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-06-16T00:00:00", "type": "ubuntucve", "title": "CVE-2017-9735", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2017-06-16T00:00:00", "id": "UB:CVE-2017-9735", "href": "https://ubuntu.com/security/CVE-2017-9735", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-27T13:39:08", "description": "In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru\n10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems,\nthe system's temporary directory is shared between all users on that\nsystem. A collocated user can observe the process of creating a temporary\nsub directory in the shared temporary directory and race to complete the\ncreation of the temporary subdirectory. If the attacker wins the race then\nthey will have read and write permission to the subdirectory used to unpack\nweb applications, including their WEB-INF/lib jar files and JSP files. If\nany code is ever executed out of this temporary directory, this can lead to\na local privilege escalation vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-23T00:00:00", "type": "ubuntucve", "title": "CVE-2020-27216", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2020-10-23T00:00:00", "id": "UB:CVE-2020-27216", "href": "https://ubuntu.com/security/CVE-2020-27216", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2023-03-07T23:25:14", "description": "In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system.\n#### Mitigation\n\nInformation disclosure occurs when java.nio.file.InvalidPathException occurs and is handled by the default Jetty error handler. To protect against this, a custom error handler can be configured for that particular error or for a larger set of errors according to the documentation link below. Red Hat Product Security advises that production deployments on Jetty use custom error handlers to limit the information disclosed and to ensure effective logging of error conditions. \n\n\n<http://www.eclipse.org/jetty/documentation/current/custom-error-pages.html> \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-07-02T22:33:34", "type": "redhatcve", "title": "CVE-2018-12536", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12536"], "modified": "2023-03-07T23:19:38", "id": "RH:CVE-2018-12536", "href": "https://access.redhat.com/security/cve/cve-2018-12536", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-08T20:23:42", "description": "In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2019-05-03T10:22:41", "type": "redhatcve", "title": "CVE-2019-10241", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241"], "modified": "2023-03-08T18:01:22", "id": "RH:CVE-2019-10241", "href": "https://access.redhat.com/security/cve/cve-2019-10241", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-08T20:23:47", "description": "In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-05-03T12:04:35", "type": "redhatcve", "title": "CVE-2019-10247", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10247"], "modified": "2023-03-08T18:01:20", "id": "RH:CVE-2019-10247", "href": "https://access.redhat.com/security/cve/cve-2019-10247", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-15T18:13:55", "description": "Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-06-22T14:50:17", "type": "redhatcve", "title": "CVE-2017-9735", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2021-10-13T17:35:33", "id": "RH:CVE-2017-9735", "href": "https://access.redhat.com/security/cve/cve-2017-9735", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-11T08:25:21", "description": "In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability.\n#### Mitigation\n\nJetty users should create temp folders outside the normal /tmp structure, and ensure that their permissions are set so as not to be accessible by an attacker. \n\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-23T21:03:44", "type": "redhatcve", "title": "CVE-2020-27216", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2023-03-11T07:36:33", "id": "RH:CVE-2020-27216", "href": "https://access.redhat.com/security/cve/cve-2020-27216", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-02-09T14:07:35", "description": "In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-27T17:29:00", "type": "cve", "title": "CVE-2018-12536", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12536"], "modified": "2021-05-14T16:15:00", "cpe": ["cpe:/a:oracle:retail_xstore_point_of_service:7.1", "cpe:/a:oracle:retail_xstore_point_of_service:16.0.0", "cpe:/a:oracle:retail_xstore_point_of_service:15.0", "cpe:/a:oracle:retail_xstore_point_of_service:17.0", "cpe:/a:eclipse:jetty:9.2.26"], "id": "CVE-2018-12536", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12536", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.26:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:00", "description": "In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2019-04-22T20:29:00", "type": "cve", "title": "CVE-2019-10241", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10241"], "modified": "2022-04-22T20:06:00", "cpe": ["cpe:/a:eclipse:jetty:9.2.1", "cpe:/a:eclipse:jetty:9.2.9", "cpe:/a:eclipse:jetty:9.4.8", "cpe:/a:eclipse:jetty:9.2.0", "cpe:/a:eclipse:jetty:9.3.18", "cpe:/a:eclipse:jetty:9.4.3", "cpe:/a:eclipse:jetty:9.3.1", "cpe:/a:eclipse:jetty:9.2.8", "cpe:/a:eclipse:jetty:9.2.7", "cpe:/a:oracle:retail_xstore_point_of_service:7.1", "cpe:/a:eclipse:jetty:9.3.5", "cpe:/a:oracle:retail_xstore_point_of_service:16.0", "cpe:/a:eclipse:jetty:9.3.8", "cpe:/a:eclipse:jetty:9.4.5", "cpe:/a:eclipse:jetty:9.2.24", "cpe:/a:eclipse:jetty:9.4.14", "cpe:/a:eclipse:jetty:9.3.11", "cpe:/a:eclipse:jetty:9.4.11", "cpe:/a:eclipse:jetty:9.3.21", "cpe:/a:eclipse:jetty:9.2.22", "cpe:/a:eclipse:jetty:9.3.17", "cpe:/a:eclipse:jetty:9.4.15", "cpe:/a:eclipse:jetty:9.2.10", "cpe:/a:eclipse:jetty:9.3.6", "cpe:/o:debian:debian_linux:10.0", "cpe:/a:eclipse:jetty:9.3.4", "cpe:/a:eclipse:jetty:9.4.13", "cpe:/a:eclipse:jetty:9.3.23", "cpe:/a:eclipse:jetty:9.3.13", "cpe:/a:eclipse:jetty:9.3.12", "cpe:/a:eclipse:jetty:9.2.26", "cpe:/a:eclipse:jetty:9.2.16", "cpe:/a:eclipse:jetty:9.3.19", "cpe:/a:oracle:retail_xstore_point_of_service:17.0", "cpe:/a:eclipse:jetty:9.2.19", "cpe:/a:eclipse:jetty:9.4.0", "cpe:/a:eclipse:jetty:9.3.16", "cpe:/a:eclipse:jetty:9.3.9", "cpe:/a:eclipse:jetty:9.2.17", "cpe:/a:eclipse:jetty:9.2.2", "cpe:/a:eclipse:jetty:9.2.25", "cpe:/a:eclipse:jetty:9.2.23", "cpe:/a:apache:activemq:5.15.9", "cpe:/a:eclipse:jetty:9.2.18", "cpe:/a:eclipse:jetty:9.4.2", "cpe:/a:eclipse:jetty:9.3.7", "cpe:/a:oracle:flexcube_core_banking:5.2.0", "cpe:/a:eclipse:jetty:9.3.24", "cpe:/a:oracle:rest_data_services:11.2.0.4", "cpe:/a:eclipse:jetty:9.2.6", "cpe:/a:eclipse:jetty:9.3.22", "cpe:/a:eclipse:jetty:9.4.10", "cpe:/a:eclipse:jetty:9.4.9", "cpe:/a:eclipse:jetty:9.2.3", "cpe:/a:eclipse:jetty:9.2.4", "cpe:/a:eclipse:jetty:9.3.15", "cpe:/a:eclipse:jetty:9.3.0", "cpe:/a:eclipse:jetty:9.2.21", "cpe:/a:eclipse:jetty:9.2.12", "cpe:/a:eclipse:jetty:9.3.3", "cpe:/a:eclipse:jetty:9.2.15", "cpe:/a:eclipse:jetty:9.2.11", "cpe:/a:oracle:retail_xstore_point_of_service:15.0", "cpe:/a:eclipse:jetty:9.4.1", "cpe:/a:oracle:rest_data_services:18c", "cpe:/a:oracle:rest_data_services:12.2.0.1", "cpe:/a:eclipse:jetty:9.2.14", "cpe:/a:eclipse:jetty:9.3.20", "cpe:/a:eclipse:jetty:9.3.25", "cpe:/a:oracle:rest_data_services:12.1.0.2", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:eclipse:jetty:9.2.5", "cpe:/a:eclipse:jetty:9.4.7", "cpe:/a:eclipse:jetty:9.2.13", "cpe:/a:apache:drill:1.16.0", "cpe:/a:eclipse:jetty:9.3.2", "cpe:/a:eclipse:jetty:9.3.10", "cpe:/a:eclipse:jetty:9.2.20", "cpe:/a:eclipse:jetty:9.4.4", "cpe:/a:eclipse:jetty:9.3.14", "cpe:/a:oracle:flexcube_core_banking:11.7.0", "cpe:/a:eclipse:jetty:9.4.6", "cpe:/a:eclipse:jetty:9.4.12"], "id": "CVE-2019-10241", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10241", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:eclipse:jetty:9.4.12:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.7:20160115:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:20150608:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.16:20160407:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.10:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.10:20150310:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.18:20160721:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.21:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.4:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.9:20160517:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.3:20140905:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.1:20140609:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.21:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.0:20140526:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.14:20151106:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_core_banking:11.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.25:20180606:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.2:20140723:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.12:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:20150612:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.4:20151007:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.5:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.4:20151005:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.17:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.6:20141205:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.19:20170502:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.22:20170606:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.10:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.15:20190215:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.16:20160414:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.10:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.10:20160621:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.15.9:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.20:20170531:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.2:20170220:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.18:20170406:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.8:20160314:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:maintenance1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.12:rc2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.8:20160311:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*", "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:20150601:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.5:20141112:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.3:20170317:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.26:20180806:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.11:20160721:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.8:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.17:20160517:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.23:20180228:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.4:20170414:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.4:20141103:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.20:20161216:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:20161208:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.8:20171121:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.10:20180503:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.21:20170120:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.2:20150730:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.11:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.1:20150714:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.13:20150730:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.8:20150217:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.11:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.6:20151106:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.7:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.16:20170119:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.3:20150825:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.12:20150709:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_core_banking:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.11:20150529:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.2:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.7:20170914:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.22:20171030:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.17:20170317:*:*:*:*:*:*", "cpe:2.3:a:apache:drill:1.16.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.7:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.24:20180605:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.15:20160210:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.0:20140523:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.11:20150528:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.21:20170918:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:maintenance0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.3:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.14:20181114:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.19:20160908:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.12:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.0:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.7:20150116:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.1:20170120:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.1:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.24:20180105:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.9:20150224:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.13:20161014:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.9:20180320:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.12:20180830:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.6:20141203:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.13:20181111:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.14:20161028:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.15:20161220:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.0:maintenance_1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.5:20170502:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:20161207:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.16:20170120:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.12:20160915:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.23:20171218:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.4:20170410:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.13:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.5:20151012:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.25:20180904:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.3:20150827:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:20180619:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:rc1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:25:02", "description": "In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-04-22T20:29:00", "type": "cve", "title": "CVE-2019-10247", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10247"], "modified": "2022-04-22T20:09:00", "cpe": ["cpe:/a:eclipse:jetty:9.2.1", "cpe:/a:eclipse:jetty:9.2.9", "cpe:/a:eclipse:jetty:9.4.8", "cpe:/a:eclipse:jetty:9.1.2", "cpe:/a:eclipse:jetty:9.2.0", "cpe:/a:oracle:fmw_platform:12.2.1.4.0", "cpe:/a:eclipse:jetty:8.1.4", "cpe:/a:eclipse:jetty:9.0.2", "cpe:/a:eclipse:jetty:9.3.18", "cpe:/a:eclipse:jetty:9.4.3", "cpe:/a:eclipse:jetty:8.1.20", "cpe:/a:oracle:communications_element_manager:8.0.0", "cpe:/a:eclipse:jetty:9.0.1", "cpe:/a:eclipse:jetty:9.3.1", "cpe:/a:eclipse:jetty:9.2.8", "cpe:/a:eclipse:jetty:9.2.7", "cpe:/a:eclipse:jetty:7.0.0", "cpe:/a:oracle:retail_xstore_point_of_service:7.1", "cpe:/a:oracle:flexcube_private_banking:12.0.0", "cpe:/a:eclipse:jetty:9.1.3", "cpe:/a:oracle:communications_session_report_manager:8.2.0", "cpe:/a:eclipse:jetty:9.3.5", "cpe:/a:oracle:retail_xstore_point_of_service:16.0", "cpe:/a:oracle:endeca_information_discovery_integrator:3.2.0", "cpe:/a:eclipse:jetty:7.6.14", "cpe:/a:eclipse:jetty:9.3.8", "cpe:/a:eclipse:jetty:9.4.5", "cpe:/a:eclipse:jetty:7.3.1", "cpe:/a:eclipse:jetty:9.2.24", "cpe:/a:eclipse:jetty:9.4.14", "cpe:/a:eclipse:jetty:9.3.11", "cpe:/a:eclipse:jetty:9.0.4", "cpe:/a:netapp:vasa_provider_for_clustered_data_ontap:*", "cpe:/a:eclipse:jetty:7.2.2", "cpe:/a:oracle:fmw_platform:12.2.1.3.0", "cpe:/a:eclipse:jetty:7.6.18", "cpe:/a:eclipse:jetty:8.1.5", "cpe:/a:eclipse:jetty:8.1.0", "cpe:/a:eclipse:jetty:9.4.11", "cpe:/a:eclipse:jetty:9.3.21", "cpe:/a:eclipse:jetty:9.2.22", "cpe:/a:eclipse:jetty:8.0.0", "cpe:/a:eclipse:jetty:9.3.17", "cpe:/a:oracle:enterprise_manager_base_platform:13.2", "cpe:/a:eclipse:jetty:9.1.4", "cpe:/a:eclipse:jetty:8.1.11", "cpe:/a:eclipse:jetty:9.1.6", "cpe:/a:eclipse:jetty:8.2.0", "cpe:/a:oracle:communications_session_route_manager:8.0.0", "cpe:/a:eclipse:jetty:9.4.15", "cpe:/a:eclipse:jetty:8.1.2", "cpe:/a:eclipse:jetty:8.1.19", "cpe:/a:eclipse:jetty:7.1.1", "cpe:/a:oracle:communications_services_gatekeeper:6.1", "cpe:/a:eclipse:jetty:7.4.0", "cpe:/a:eclipse:jetty:9.2.10", "cpe:/a:eclipse:jetty:8.1.6", "cpe:/a:eclipse:jetty:8.1.22", "cpe:/a:eclipse:jetty:9.3.6", "cpe:/o:debian:debian_linux:10.0", "cpe:/a:oracle:autovue:21.0.2", "cpe:/a:eclipse:jetty:9.3.4", "cpe:/a:eclipse:jetty:9.4.13", "cpe:/a:eclipse:jetty:8.1.12", "cpe:/a:oracle:communications_session_report_manager:8.0.0", "cpe:/a:eclipse:jetty:9.3.23", "cpe:/a:eclipse:jetty:9.2.27", "cpe:/a:eclipse:jetty:7.6.5", "cpe:/a:eclipse:jetty:9.3.13", "cpe:/a:oracle:communications_session_report_manager:8.1.0", "cpe:/a:eclipse:jetty:9.3.12", "cpe:/a:eclipse:jetty:9.2.26", "cpe:/a:oracle:data_integrator:12.2.1.4.0", "cpe:/a:eclipse:jetty:9.2.16", "cpe:/a:eclipse:jetty:8.0.4", "cpe:/a:eclipse:jetty:9.3.19", "cpe:/a:oracle:retail_xstore_point_of_service:17.0", "cpe:/a:eclipse:jetty:8.0.2", "cpe:/a:eclipse:jetty:7.6.6", "cpe:/a:eclipse:jetty:9.2.19", "cpe:/a:eclipse:jetty:9.4.0", "cpe:/a:eclipse:jetty:7.6.7", "cpe:/a:eclipse:jetty:7.6.21", "cpe:/a:eclipse:jetty:7.5.3", "cpe:/a:eclipse:jetty:9.0.5", "cpe:/a:eclipse:jetty:8.1.18", "cpe:/a:oracle:communications_element_manager:8.1.1", "cpe:/a:oracle:hospitality_guest_access:4.2.0", "cpe:/a:eclipse:jetty:9.3.16", "cpe:/a:eclipse:jetty:9.3.9", "cpe:/a:netapp:virtual_storage_console:*", "cpe:/a:eclipse:jetty:7.5.1", "cpe:/a:eclipse:jetty:9.2.17", "cpe:/a:eclipse:jetty:9.2.2", "cpe:/a:eclipse:jetty:9.2.25", "cpe:/a:eclipse:jetty:9.1.5", "cpe:/a:eclipse:jetty:7.6.12", "cpe:/a:oracle:data_integrator:12.2.1.3.0", "cpe:/a:oracle:communications_session_report_manager:8.1.1", "cpe:/a:eclipse:jetty:9.2.23", "cpe:/a:eclipse:jetty:8.1.9", "cpe:/a:eclipse:jetty:9.2.18", "cpe:/a:eclipse:jetty:7.0.1", "cpe:/a:eclipse:jetty:9.4.2", "cpe:/a:eclipse:jetty:8.1.21", "cpe:/a:eclipse:jetty:9.3.7", "cpe:/a:eclipse:jetty:7.6.13", "cpe:/a:eclipse:jetty:7.4.3", "cpe:/a:eclipse:jetty:8.1.16", "cpe:/a:eclipse:jetty:7.6.10", "cpe:/a:eclipse:jetty:7.6.17", "cpe:/a:eclipse:jetty:7.4.1", "cpe:/a:eclipse:jetty:7.6.1", "cpe:/a:eclipse:jetty:7.1.5", "cpe:/a:oracle:flexcube_core_banking:5.2.0", "cpe:/a:eclipse:jetty:9.3.24", "cpe:/a:eclipse:jetty:7.6.16", "cpe:/a:eclipse:jetty:7.6.9", "cpe:/a:eclipse:jetty:7.5.4", "cpe:/a:eclipse:jetty:7.4.2", "cpe:/a:eclipse:jetty:9.2.6", "cpe:/a:oracle:hospitality_guest_access:4.2.1", "cpe:/a:eclipse:jetty:7.6.15", "cpe:/a:eclipse:jetty:7.1.6", "cpe:/a:eclipse:jetty:9.3.22", "cpe:/a:eclipse:jetty:7.6.0", "cpe:/a:eclipse:jetty:9.4.10", "cpe:/a:eclipse:jetty:9.4.9", "cpe:/a:eclipse:jetty:7.6.3", "cpe:/a:eclipse:jetty:9.2.3", "cpe:/a:eclipse:jetty:7.5.0", "cpe:/a:eclipse:jetty:7.3.0", "cpe:/a:eclipse:jetty:9.2.4", "cpe:/a:eclipse:jetty:9.1.1", "cpe:/a:eclipse:jetty:7.1.4", "cpe:/a:eclipse:jetty:9.3.15", "cpe:/a:eclipse:jetty:9.0.7", "cpe:/a:eclipse:jetty:9.3.0", "cpe:/a:oracle:communications_session_route_manager:8.1.1", "cpe:/a:eclipse:jetty:8.1.13", "cpe:/a:eclipse:jetty:7.0.2", "cpe:/a:eclipse:jetty:8.1.8", "cpe:/a:eclipse:jetty:9.2.21", "cpe:/a:eclipse:jetty:8.1.10", "cpe:/a:eclipse:jetty:9.2.12", "cpe:/a:eclipse:jetty:9.0.0", "cpe:/a:oracle:communications_session_route_manager:8.1.0", "cpe:/a:eclipse:jetty:9.3.3", "cpe:/a:eclipse:jetty:7.1.0", "cpe:/a:oracle:communications_services_gatekeeper:7.0", "cpe:/a:eclipse:jetty:9.2.15", "cpe:/a:netapp:oncommand_system_manager:3.1.3", "cpe:/a:oracle:flexcube_private_banking:12.1.0", "cpe:/a:eclipse:jetty:9.2.11", "cpe:/a:oracle:retail_xstore_point_of_service:15.0", "cpe:/a:eclipse:jetty:9.4.1", "cpe:/a:eclipse:jetty:8.1.17", "cpe:/a:oracle:communications_analytics:12.1.1", "cpe:/a:eclipse:jetty:9.1.0", "cpe:/a:eclipse:jetty:8.1.14", "cpe:/a:eclipse:jetty:7.6.20", "cpe:/a:oracle:communications_element_manager:8.1.0", "cpe:/a:eclipse:jetty:8.0.3", "cpe:/a:netapp:storage_replication_adapter_for_clustered_data_ontap:*", "cpe:/a:eclipse:jetty:7.6.19", "cpe:/a:eclipse:jetty:9.2.14", "cpe:/a:eclipse:jetty:9.3.20", "cpe:/a:eclipse:jetty:7.6.11", "cpe:/a:netapp:snapcenter:-", "cpe:/a:oracle:enterprise_manager_base_platform:13.3", "cpe:/a:eclipse:jetty:9.3.25", "cpe:/a:eclipse:jetty:7.6.4", "cpe:/a:eclipse:jetty:8.1.7", "cpe:/a:oracle:communications_element_manager:8.2.0", "cpe:/a:eclipse:jetty:9.0.6", "cpe:/a:eclipse:jetty:9.3.26", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:eclipse:jetty:9.2.5", "cpe:/a:oracle:communications_services_gatekeeper:6.0", "cpe:/a:eclipse:jetty:8.1.15", "cpe:/a:netapp:storage_services_connector:-", "cpe:/a:eclipse:jetty:9.4.7", "cpe:/a:eclipse:jetty:7.1.2", "cpe:/a:eclipse:jetty:7.4.4", "cpe:/a:eclipse:jetty:9.2.13", "cpe:/a:eclipse:jetty:7.1.3", "cpe:/o:netapp:element:-", "cpe:/a:eclipse:jetty:7.6.2", "cpe:/a:eclipse:jetty:9.3.2", "cpe:/a:netapp:snapmanager:-", "cpe:/a:eclipse:jetty:7.2.1", "cpe:/a:eclipse:jetty:9.3.10", "cpe:/a:netapp:snap_creator_framework:-", "cpe:/a:oracle:unified_directory:12.2.1.4.0", "cpe:/a:eclipse:jetty:9.2.20", "cpe:/a:eclipse:jetty:8.1.1", "cpe:/a:eclipse:jetty:7.2.0", "cpe:/a:eclipse:jetty:9.4.4", "cpe:/a:eclipse:jetty:9.3.14", "cpe:/a:eclipse:jetty:8.0.1", "cpe:/a:eclipse:jetty:8.1.3", "cpe:/a:oracle:flexcube_core_banking:11.7.0", "cpe:/a:eclipse:jetty:7.6.8", "cpe:/a:oracle:communications_session_route_manager:8.2.0", "cpe:/a:eclipse:jetty:7.5.2", "cpe:/a:eclipse:jetty:9.4.6", "cpe:/a:eclipse:jetty:9.4.12", "cpe:/a:eclipse:jetty:9.0.3", "cpe:/a:oracle:unified_directory:12.2.1.3.0", "cpe:/a:eclipse:jetty:7.4.5"], "id": "CVE-2019-10247", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10247", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:eclipse:jetty:9.4.12:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.7:20160115:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:20150608:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.5.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.9:20130131:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.3:20140225:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.2:20120302:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.13:20130916:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.4:20140401:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.5:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.17:20150415:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.1.4:20100610:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.22:20170606:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.19:20170502:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.10:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.15:20190215:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.16:20160414:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.5.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.10:20160621:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.2.1:20101111:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.16:20140903:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.5.3:20111011:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:maintenance1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_4:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.8:20160311:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:20150601:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.26:20180806:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.11:20160721:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.15:20140411:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.0.3:20111011:*:*:*:*:*:*", "cpe:2.3:a:netapp:storage_services_connector:-:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.2:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.11:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.4:20120522:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.16:20170119:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.11:20130725:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.7:20170914:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.1.5:20100705:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.15:20160210:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.14:20181114:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.1:20170120:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.20:20160902:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.3:20120413:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.1:20120215:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.13:20181111:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.0:maintenance_1:*:*:*:*:*:*", "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.0.1:20110908:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.0.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.5:20120713:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.1.6:20100715:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.25:20180904:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.6:20120903:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.16:20140903:*:*:*:*:*:*", "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.3:20150827:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.21:20160908:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.8:20121106:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.22:20160922:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.4.3:20110630:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.16:20160407:*:*:*:*:*:*", "cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.10:rc1:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:20130308:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.3:20140905:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.1:20140609:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.21:rc0:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_core_banking:11.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.1.0:20100505:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.4:20151007:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.4:20151005:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.3.1:20110307:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.7:20131107:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.20:20170531:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.1.2:20100523:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.8:20160314:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.6:20130919:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.4:20141103:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.18:20150929:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*", "cpe:2.3:o:netapp:element:-:*:*:*:*:vcenter_server:*:*", "cpe:2.3:a:eclipse:jetty:8.1.19:20160209:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.21:20170120:*:*:*:*:*:*", "cpe:2.3:a:oracle:unified_directory:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.4:20130621:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.2:20150730:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.2:20120308:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.2:20130417:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.5:20130813:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.8:20150217:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.0.0:20110901:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.11:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.4.3:20110701:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.22:20171030:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.12:20130726:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.6:20160112:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.11:20130520:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.24:20180605:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.2:20120302:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.11:20150528:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.3:20180619:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.19:20160908:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.12:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.1:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.13:20161014:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.9:20180320:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.5.2:20111006:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.14:20161028:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.15:20161220:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.5:20170502:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.2:20120308:*:*:*:*:*:*", "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*", "cpe:2.3:a:eclipse:jetty:8.1.5:20120716:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.0:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.9:20130131:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.1.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.5:20140505:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_4:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_3:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.6:20130930:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.7:20120910:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.27:20190403:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.18:20160721:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.21:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.4:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.9:20160517:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.14:20131031:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.3:20120416:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.12:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.6:20151106:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.8:20121106:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:20150612:*:*:*:*:*:*", "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*", "cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*", "cpe:2.3:a:eclipse:jetty:7.6.13:20130910:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.12:20130725:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.5.0:20110901:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.6:20141205:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.2:20170220:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.7:20120910:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.14:20131031:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.3:20120416:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.4.5:20110725:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.3:20170317:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.8:20180619:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.17:20160517:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.23:20180228:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.1.3:20100526:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.20:20161216:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.0:20120127:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.1:20091125:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.4.4:20110707:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.13:20130910:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.4.0:20110414:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.0.2:20111006:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.4:20130625:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.5:20130815:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.6:20151106:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.7:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.3:20150825:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.12:20150709:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_core_banking:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.11:20150529:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.2:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.0.4:20111024:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.17:20170317:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.4.2:20110526:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.11:20130520:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.6:20120903:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_3:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.0:20140523:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_5:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.7:20150116:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.4:20120524:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.12:20180830:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.6:20141203:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.5:20120716:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:20161207:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.2.2:20101205:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.12:20160915:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.17:20150415:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.20:20160902:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.0:20120125:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:20091005:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.19:20160209:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.5:20151012:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.2:20140415:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:sap:*:*", "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.3:20130506:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.1:20120215:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_services_gatekeeper:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.10:20150310:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.10:20130312:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:*", "cpe:2.3:a:oracle:unified_directory:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.14:20151106:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.0:20140526:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.25:20180606:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.2:20140723:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.12:20130726:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.2.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.17:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.10:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.2.0:20101020:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.21:20160908:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.18:20170406:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:m5:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.12:rc2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.5:20141112:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.0:20120127:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.4:20170414:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.0:20161208:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.3.0:20110203:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.8:20171121:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_3:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.10:20180503:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.18:20150929:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.4.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.13:20130916:*:*:*:*:*:*", "cpe:2.3:a:oracle:autovue:21.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.1:20150714:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.13:20150730:*:*:*:*:*:*", "cpe:2.3:a:oracle:fmw_platform:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.1:20130408:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.5:20120713:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.7:rc0:*:*:*:*:*:*", "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.26:20190403:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.0:maintenance0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.21:20170918:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_services_gatekeeper:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.0:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.0:20131115:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.24:20180105:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.9:20150224:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.4:20120524:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.1:20140108:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_system_manager:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.16:20170120:*:*:*:*:*:*", "cpe:2.3:a:oracle:fmw_platform:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.2.23:20171218:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.4.1:20110513:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.0.2:20100331:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.4:20170410:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.1.2:20140210:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.1.1:20100517:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.3.13:maintenance_0:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.6.15:20140411:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.5.4:20111024:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:7.5.1:20110908:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.2.0:20160908:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.0.7:20131031:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:8.1.10:20130312:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T16:18:18", "description": "Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-06-16T21:29:00", "type": "cve", "title": "CVE-2017-9735", "cwe": ["CWE-203"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9735"], "modified": "2022-03-15T14:55:00", "cpe": ["cpe:/a:oracle:hospitality_guest_access:4.2.1", "cpe:/a:oracle:retail_xstore_point_of_service:16.0", "cpe:/a:oracle:retail_xstore_point_of_service:15.0", "cpe:/a:oracle:rest_data_services:12.2.0.1", "cpe:/a:oracle:hospitality_guest_access:4.2.0", "cpe:/a:oracle:rest_data_services:12.1.0.2", "cpe:/a:oracle:communications_cloud_native_core_policy:1.5.0", "cpe:/a:oracle:rest_data_services:11.2.0.4", "cpe:/a:oracle:retail_xstore_point_of_service:17.0", "cpe:/a:oracle:enterprise_manager_base_platform:13.3", "cpe:/a:oracle:enterprise_manager_base_platform:13.2", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:oracle:rest_data_services:18c", "cpe:/a:oracle:retail_xstore_point_of_service:7.1"], "id": "CVE-2017-9735", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9735", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*", "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*", "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T15:16:42", "description": "In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-23T13:15:00", "type": "cve", "title": "CVE-2020-27216", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27216"], "modified": "2022-03-01T20:35:00", "cpe": ["cpe:/a:apache:beam:2.25.0", "cpe:/a:netapp:virtual_storage_console:*", "cpe:/a:oracle:flexcube_private_banking:12.1.0", "cpe:/a:oracle:siebel_core_-_automation:21.5", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:apache:beam:2.21.0", "cpe:/a:oracle:flexcube_private_banking:12.0.0", "cpe:/a:eclipse:jetty:11.0.0", "cpe:/a:oracle:communications_offline_mediation_controller:12.0.0.3.0", "cpe:/a:eclipse:jetty:10.0.0", "cpe:/a:oracle:communications_element_manager:8.2.2.1", "cpe:/a:apache:beam:2.22.0", "cpe:/a:apache:beam:2.23.0", "cpe:/a:netapp:snap_creator_framework:-", "cpe:/a:oracle:communications_services_gatekeeper:7.0", "cpe:/a:apache:beam:2.24.0", "cpe:/a:oracle:flexcube_core_banking:11.9.0", "cpe:/a:oracle:communications_converged_application_server_-_service_controller:6.2", "cpe:/a:netapp:vasa_provider:*", "cpe:/o:debian:debian_linux:10.0", "cpe:/a:netapp:storage_replication_adapter:*", "cpe:/a:oracle:communications_pricing_design_center:12.0.0.3.0", "cpe:/a:eclipse:jetty:9.4.32", "cpe:/a:oracle:communications_application_session_controller:3.9m0p2", "cpe:/a:netapp:snapcenter:-"], "id": "CVE-2020-27216", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27216", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:beam:2.23.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:vasa_provider:*:*:*:*:*:clustered_data_ontap:*:*", "cpe:2.3:a:apache:beam:2.22.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:10.0.0:beta0:*:*:*:*:*:*", "cpe:2.3:a:apache:beam:2.25.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*", "cpe:2.3:a:apache:beam:2.21.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:11.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:11.0.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:beam:2.24.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:10.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:storage_replication_adapter:*:*:*:*:*:clustered_data_ontap:*:*", "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_element_manager:8.2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_core_banking:11.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:10.0.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:11.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:9.4.32:*:*:*:*:*:*:*", "cpe:2.3:a:eclipse:jetty:10.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:oracle:siebel_core_-_automation:21.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_application_session_controller:3.9m0p2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-09-27T13:08:11", "description": "The host is installed with Eclipse Jetty\n Server and is prone to information disclosure vulnerability.", "cvss3": {}, "published": "2018-07-05T00:00:00", "type": "openvas", "title": "Eclipse Jetty Server InvalidPathException Information Disclosure Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12536"], "modified": "2019-09-26T00:00:00", "id": "OPENVAS:1361412562310813552", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813552", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Eclipse Jetty Server InvalidPathException Information Disclosure Vulnerability (Linux)\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:eclipse:jetty\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813552\");\n script_version(\"2019-09-26T06:54:12+0000\");\n script_cve_id(\"CVE-2018-12536\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-09-26 06:54:12 +0000 (Thu, 26 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-07-05 12:17:02 +0530 (Thu, 05 Jul 2018)\");\n script_name(\"Eclipse Jetty Server InvalidPathException Information Disclosure Vulnerability (Linux)\");\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web Servers\");\n script_dependencies(\"gb_jetty_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jetty/detected\", \"Host/runs_unixoide\");\n\n script_xref(name:\"URL\", value:\"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Eclipse Jetty\n Server and is prone to information disclosure vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to an improper handling\n of bad queries.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Eclipse Jetty Server versions 9.2.x, 9.3.x\n before 9.3.24.v20180605 and 9.4.x before 9.4.11.v20180605.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Eclipse Jetty Server version\n 9.3.24.v20180605 or 9.4.11.v20180605 or later as per the series. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe:CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, version_regex:\"^[0-9]+\\.[0-9]+\\.[0-9]+\", exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"9.2.0\", test_version2:\"9.3.24.20180604\")) {\n fix = \"9.3.24.v20180605\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"9.4.0\", test_version2:\"9.4.11.20180604\")) {\n fix = \"9.4.11.v20180605\";\n}\n\nif(fix) {\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(data:report, port:port);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-09-27T13:08:11", "description": "The host is installed with Eclipse Jetty\n Server and is prone to information disclosure vulnerability.", "cvss3": {}, "published": "2018-07-05T00:00:00", "type": "openvas", "title": "Eclipse Jetty Server InvalidPathException Information Disclosure Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12536"], "modified": "2019-09-26T00:00:00", "id": "OPENVAS:1361412562310108501", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108501", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Eclipse Jetty Server InvalidPathException Information Disclosure Vulnerability (Windows)\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:eclipse:jetty\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108501\");\n script_version(\"2019-09-26T06:54:12+0000\");\n script_cve_id(\"CVE-2018-12536\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-09-26 06:54:12 +0000 (Thu, 26 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-07-05 12:17:02 +0530 (Thu, 05 Jul 2018)\");\n script_name(\"Eclipse Jetty Server InvalidPathException Information Disclosure Vulnerability (Windows)\");\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web Servers\");\n script_dependencies(\"gb_jetty_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jetty/detected\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Eclipse Jetty\n Server and is prone to information disclosure vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to an improper handling\n of bad queries.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Eclipse Jetty Server versions 9.2.x, 9.3.x\n before 9.3.24.v20180605 and 9.4.x before 9.4.11.v20180605.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Eclipse Jetty Server version\n 9.3.24.v20180605 or 9.4.11.v20180605 or later as per the series. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe:CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, version_regex:\"^[0-9]+\\.[0-9]+\\.[0-9]+\", exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"9.2.0\", test_version2:\"9.3.24.20180604\")) {\n fix = \"9.3.24.v20180605\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"9.4.0\", test_version2:\"9.4.11.20180604\")) {\n fix = \"9.4.11.v20180605\";\n}\n\nif(fix) {\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(data:report, port:port);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-09-27T12:47:40", "description": "Eclipse Jetty is vulnerable to XSS conditions if a remote client USES a\n specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing\n of directory contents.", "cvss3": {}, "published": "2019-04-25T00:00:00", "type": "openvas", "title": "Eclipse Jetty XSS Vulnerability - CVE-2019-10241 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10241"], "modified": "2019-09-26T00:00:00", "id": "OPENVAS:1361412562310142312", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142312", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:eclipse:jetty\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142312\");\n script_version(\"2019-09-26T06:54:12+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-26 06:54:12 +0000 (Thu, 26 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-25 13:27:54 +0000 (Thu, 25 Apr 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2019-10241\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Eclipse Jetty XSS Vulnerability - CVE-2019-10241 (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_jetty_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jetty/detected\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Eclipse Jetty is vulnerable to XSS conditions if a remote client USES a\n specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing\n of directory contents.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Eclipse Jetty version 9.2.26 and prior, 9.3.25 and prior and 9.4.15 and prior.\");\n\n script_tag(name:\"solution\", value:\"Update to version 9.2.27.v20190403, 9.3.26.v20190403, 9.4.16.v20190411 or\n later.\");\n\n script_xref(name:\"URL\", value:\"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, version_regex: \"^[0-9]+\\.[0-9]+\\.[0-9]+\", exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"9.2\", test_version2: \"9.3.26.20190403\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.2.27.20190403\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"9.3\", test_version2: \"9.3.25.20180904\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.3.26.v20190403\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"9.4\", test_version2: \"9.4.15.v20190215\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.4.16.v20190411\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-09-27T12:47:40", "description": "Eclipse Jetty is vulnerable to XSS conditions if a remote client USES a\n specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing\n of directory contents.", "cvss3": {}, "published": "2019-04-25T00:00:00", "type": "openvas", "title": "Eclipse Jetty XSS Vulnerability - CVE-2019-10241 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10241"], "modified": "2019-09-26T00:00:00", "id": "OPENVAS:1361412562310142313", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142313", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:eclipse:jetty\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142313\");\n script_version(\"2019-09-26T06:54:12+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-26 06:54:12 +0000 (Thu, 26 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-25 13:36:58 +0000 (Thu, 25 Apr 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2019-10241\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Eclipse Jetty XSS Vulnerability - CVE-2019-10241 (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_jetty_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jetty/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Eclipse Jetty is vulnerable to XSS conditions if a remote client USES a\n specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing\n of directory contents.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Eclipse Jetty version 9.2.26 and prior, 9.3.25 and prior and 9.4.15 and prior.\");\n\n script_tag(name:\"solution\", value:\"Update to version 9.2.27.v20190403, 9.3.26.v20190403, 9.4.16.v20190411 or\n later.\");\n\n script_xref(name:\"URL\", value:\"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, version_regex: \"^[0-9]+\\.[0-9]+\\.[0-9]+\", exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"9.2\", test_version2: \"9.3.26.20190403\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.2.27.20190403\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"9.3\", test_version2: \"9.3.25.20180904\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.3.26.v20190403\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"9.4\", test_version2: \"9.4.15.v20190215\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.4.16.v20190411\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-09-27T12:47:40", "description": "Eclypse Jetty is prone to an information disclosure vulnerability.", "cvss3": {}, "published": "2019-04-25T00:00:00", "type": "openvas", "title": "Eclipse Jetty Information Disclosure Vulnerability - CVE-2019-10247 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10247"], "modified": "2019-09-26T00:00:00", "id": "OPENVAS:136141256231014231", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231014231", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:eclipse:jetty\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.14231\");\n script_version(\"2019-09-26T06:54:12+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-26 06:54:12 +0000 (Thu, 26 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-25 13:08:16 +0000 (Thu, 25 Apr 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_cve_id(\"CVE-2019-10247\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Eclipse Jetty Information Disclosure Vulnerability - CVE-2019-10247 (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_jetty_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jetty/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Eclypse Jetty is prone to an information disclosure vulnerability.\");\n\n script_tag(name:\"insight\", value:\"The DefaultHandler will present the full path to the Resource Base directory,\n if the server is configured with only non-root contexts.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Eclipse Jetty version 7.x and prior, 8.x, 9.2.27.v20190403 and prior,\n 9.3.26.v20190403 and prior and 9.4.16.v20190411 and prior.\");\n\n script_tag(name:\"solution\", value:\"Update to version 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418 or\n later.\");\n\n script_xref(name:\"URL\", value:\"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577\");\n script_xref(name:\"URL\", value:\"https://github.com/eclipse/jetty.project/issues/3555\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, version_regex: \"^[0-9]+\\.[0-9]+\\.[0-9]+\", exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_is_less(version: version, test_version: \"9.2.28.20190418\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.2.28.20190418\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"9.3\", test_version2: \"9.3.26.20190403\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.3.27.20190418\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"9.4\", test_version2: \"9.4.16.20190411\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.4.17.20190418\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-09-27T12:47:40", "description": "Eclypse Jetty is prone to an information disclosure vulnerability.", "cvss3": {}, "published": "2019-04-25T00:00:00", "type": "openvas", "title": "Eclipse Jetty Information Disclosure Vulnerability - CVE-2019-10247 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10247"], "modified": "2019-09-26T00:00:00", "id": "OPENVAS:1361412562310142309", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142309", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:eclipse:jetty\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142309\");\n script_version(\"2019-09-26T06:54:12+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-26 06:54:12 +0000 (Thu, 26 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-25 12:50:07 +0000 (Thu, 25 Apr 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_cve_id(\"CVE-2019-10247\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Eclipse Jetty Information Disclosure Vulnerability - CVE-2019-10247 (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_jetty_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jetty/detected\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Eclypse Jetty is prone to an information disclosure vulnerability.\");\n\n script_tag(name:\"insight\", value:\"The DefaultHandler will present the full path to the Resource Base directory,\n if the server is configured with only non-root contexts.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Eclipse Jetty version 7.x and prior, 8.x, 9.2.27.v20190403 and prior,\n 9.3.26.v20190403 and prior and 9.4.16.v20190411 and prior.\");\n\n script_tag(name:\"solution\", value:\"Update to version 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418 or\n later.\");\n\n script_xref(name:\"URL\", value:\"https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577\");\n script_xref(name:\"URL\", value:\"https://github.com/eclipse/jetty.project/issues/3555\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, version_regex: \"^[0-9]+\\.[0-9]+\\.[0-9]+\", exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_is_less(version: version, test_version: \"9.2.28.20190418\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.2.28.20190418\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"9.3\", test_version2: \"9.3.26.20190403\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.3.27.20190418\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"9.4\", test_version2: \"9.4.16.20190411\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.4.17.20190418\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-29T20:08:41", "description": "It was discovered that Jetty8, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.", "cvss3": {}, "published": "2018-02-05T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for jetty8 (DLA-1021-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9735"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891021", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891021", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891021\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-9735\");\n script_name(\"Debian LTS: Security Advisory for jetty8 (DLA-1021-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-02-05 00:00:00 +0100 (Mon, 05 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2017/07/msg00013.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"jetty8 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n8.1.3-4+deb7u1.\n\nWe recommend that you upgrade your jetty8 packages.\");\n\n script_tag(name:\"summary\", value:\"It was discovered that Jetty8, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"jetty8\", ver:\"8.1.3-4+deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjetty8-extra-java\", ver:\"8.1.3-4+deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjetty8-java\", ver:\"8.1.3-4+deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjetty8-java-doc\", ver:\"8.1.3-4+deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-29T20:09:30", "description": "It was discovered that Jetty, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.", "cvss3": {}, "published": "2018-02-05T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for jetty (DLA-1020-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9735"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891020", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891020", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891020\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-9735\");\n script_name(\"Debian LTS: Security Advisory for jetty (DLA-1020-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-02-05 00:00:00 +0100 (Mon, 05 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2017/07/msg00012.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"jetty on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n6.1.26-1+deb7u1.\n\nWe recommend that you upgrade your jetty packages.\");\n\n script_tag(name:\"summary\", value:\"It was discovered that Jetty, a Java servlet engine and webserver, was\nvulnerable to a timing attack which might reveal cryptographic\ncredentials such as passwords to a local user.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"jetty\", ver:\"6.1.26-1+deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjetty-extra\", ver:\"6.1.26-1+deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjetty-extra-java\", ver:\"6.1.26-1+deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjetty-java\", ver:\"6.1.26-1+deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjetty-java-doc\", ver:\"6.1.26-1+deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-07-14T00:00:00", "type": "openvas", "title": "Fedora Update for jetty FEDORA-2017-1206f87545", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9735"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872864", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872864", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jetty FEDORA-2017-1206f87545\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872864\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-07-14 15:55:09 +0530 (Fri, 14 Jul 2017)\");\n script_cve_id(\"CVE-2017-9735\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for jetty FEDORA-2017-1206f87545\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jetty'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"jetty on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-1206f87545\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OTNFFXV2X6FYJ3BP6UMGXM64NKTD7KK\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"jetty\", rpm:\"jetty~9.3.7~3.v20160115.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-07-14T00:00:00", "type": "openvas", "title": "Fedora Update for jetty FEDORA-2017-03954b6dc4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9735"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872871", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872871", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jetty FEDORA-2017-03954b6dc4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872871\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-07-14 15:55:02 +0530 (Fri, 14 Jul 2017)\");\n script_cve_id(\"CVE-2017-9735\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for jetty FEDORA-2017-03954b6dc4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jetty'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"jetty on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-03954b6dc4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JBJJEXEL4I7H623UZTKILCUYXF5LVODW\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"jetty\", rpm:\"jetty~9.4.6~1.v20170531.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-07-14T00:00:00", "type": "openvas", "title": "Fedora Update for jetty-test-helper FEDORA-2017-03954b6dc4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9735"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872874", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872874", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jetty-test-helper FEDORA-2017-03954b6dc4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872874\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-07-14 15:54:53 +0530 (Fri, 14 Jul 2017)\");\n script_cve_id(\"CVE-2017-9735\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for jetty-test-helper FEDORA-2017-03954b6dc4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jetty-test-helper'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"jetty-test-helper on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-03954b6dc4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HUHCSV7H4YRZJ6BPXT2FW7BOZSTSS7C4\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"jetty-test-helper\", rpm:\"jetty-test-helper~3.1~3.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-07-14T00:00:00", "type": "openvas", "title": "Fedora Update for jetty-alpn FEDORA-2017-03954b6dc4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9735"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872861", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872861", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jetty-alpn FEDORA-2017-03954b6dc4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872861\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-07-14 15:55:18 +0530 (Fri, 14 Jul 2017)\");\n script_cve_id(\"CVE-2017-9735\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for jetty-alpn FEDORA-2017-03954b6dc4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jetty-alpn'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"jetty-alpn on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-03954b6dc4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DOX6HPFDWMFSKKQWSDLP72QTMHL2VIDV\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"jetty-alpn\", rpm:\"jetty-alpn~8.1.11~2.v20170118.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-09-27T13:08:16", "description": "Jetty is prone to a security bypass vulnerability.", "cvss3": {}, "published": "2017-08-01T00:00:00", "type": "openvas", "title": "Jetty < 9.4.6.20170531 Security Bypass Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9735"], "modified": "2019-09-26T00:00:00", "id": "OPENVAS:1361412562310140261", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310140261", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Jetty < 9.4.6.20170531 Security Bypass Vulnerability (Linux)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:eclipse:jetty\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.140261\");\n script_version(\"2019-09-26T06:54:12+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-26 06:54:12 +0000 (Thu, 26 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-08-01 11:31:21 +0700 (Tue, 01 Aug 2017)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2017-9735\");\n script_bugtraq_id(99104);\n script_name(\"Jetty < 9.4.6.20170531 Security Bypass Vulnerability (Linux)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"This script is Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_jetty_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jetty/detected\", \"Host/runs_unixoide\");\n\n script_xref(name:\"URL\", value:\"https://github.com/eclipse/jetty.project/issues/1556\");\n\n script_tag(name:\"summary\", value:\"Jetty is prone to a security bypass vulnerability.\");\n\n script_tag(name:\"insight\", value:\"Jetty through is prone to a timing channel in util/security/Password.java,\n which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of\n incorrect passwords.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Jetty version 9.4.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 9.4.6.v20170531 or later.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, version_regex: \"^[0-9]+\\.[0-9]+\\.[0-9]+\", exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version =~ \"^9\\.4\\.\") {\n if (version_is_less(version: version, test_version: \"9.4.6.20170531\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.4.6.20170531\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-09-27T13:09:12", "description": "Jetty is prone to a security bypass vulnerability.", "cvss3": {}, "published": "2017-08-01T00:00:00", "type": "openvas", "title": "Jetty < 9.4.6.20170531 Security Bypass Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9735"], "modified": "2019-09-26T00:00:00", "id": "OPENVAS:1361412562310108499", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Jetty < 9.4.6.20170531 Security Bypass Vulnerability (Windows)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:eclipse:jetty\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108499\");\n script_version(\"2019-09-26T06:54:12+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-26 06:54:12 +0000 (Thu, 26 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-08-01 11:31:21 +0700 (Tue, 01 Aug 2017)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2017-9735\");\n script_bugtraq_id(99104);\n script_name(\"Jetty < 9.4.6.20170531 Security Bypass Vulnerability (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"This script is Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_jetty_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"jetty/detected\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"https://github.com/eclipse/jetty.project/issues/1556\");\n\n script_tag(name:\"summary\", value:\"Jetty is prone to a security bypass vulnerability.\");\n\n script_tag(name:\"insight\", value:\"Jetty through is prone to a timing channel in util/security/Password.java,\n which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of\n incorrect passwords.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Jetty version 9.4.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 9.4.6.v20170531 or later.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, version_regex: \"^[0-9]+\\.[0-9]+\\.[0-9]+\", exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version =~ \"^9\\.4\\.\") {\n if (version_is_less(version: version, test_version: \"9.4.6.20170531\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.4.6.20170531\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-07-15T00:00:00", "type": "openvas", "title": "Fedora Update for jetty FEDORA-2018-48b73ed393", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536", "CVE-2017-7656"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874809", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874809", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_48b73ed393_jetty_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for jetty FEDORA-2018-48b73ed393\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874809\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-15 06:04:25 +0200 (Sun, 15 Jul 2018)\");\n script_cve_id(\"CVE-2017-7656\", \"CVE-2017-7657\", \"CVE-2017-7658\", \"CVE-2018-12536\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for jetty FEDORA-2018-48b73ed393\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jetty'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"jetty on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-48b73ed393\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QJNLQI54CY5A2GFZ4PDZTIGKMXJJUSKM\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"jetty\", rpm:\"jetty~9.4.11~2.v20180605.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-07-15T00:00:00", "type": "openvas", "title": "Fedora Update for jetty FEDORA-2018-93a507fd0f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12538", "CVE-2017-7657", "CVE-2017-7658", "CVE-2018-12536", "CVE-2017-7656"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874796", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874796", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_93a507fd0f_jetty_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for jetty FEDORA-2018-93a507fd0f\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874796\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-15 06:00:44 +0200 (Sun, 15 Jul 2018)\");\n script_cve_id(\"CVE-2017-7656\", \"CVE-2017-7657\", \"CVE-2017-7658\", \"CVE-2018-12538\",\n \"CVE-2018-12536\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for jetty FEDORA-2018-93a507fd0f\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jetty'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"jetty on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-93a507fd0f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OTGKQOGG6ULYU675RIQBC33RQNIKYLVI\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"jetty\", rpm:\"jetty~9.4.11~2.v20180605.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "f5": [{"lastseen": "2022-03-28T17:29:58", "description": "In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn&#x27;t match a dynamic url-pattern, and is eventually handled by the DefaultServlet&#x27;s static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system. ([CVE-2018-12536](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12536>))\n\nImpact\n\nAn authenticated user can see the back-end directo