Lucene search

FreeBSD47AA4343-44FA-11E5-9DAA-14DAE9D210B8

HistoryJan 15, 2015 - 12:00 a.m.

mod_jk -- information disclosure

2015-01-1500:00:00

vuxml.freebsd.org

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

63.9%

JSON

NIST reports:

Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores
JkUnmount rules for subtrees of previous JkMount rules, which allows
remote attackers to access otherwise restricted artifacts via
unspecified vectors.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchap22-mod_jk< 1.2.41,1UNKNOWN
FreeBSDanynoarchap24-mod_jk< 1.2.41,1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	ap22-mod_jk	< 1.2.41,1	UNKNOWN
FreeBSD	any	noarch	ap24-mod_jk	< 1.2.41,1	UNKNOWN

References

readlist.com/lists/tomcat.apache.org/users/27/135512.html

www.cvedetails.com/cve/CVE-2014-8111/

www.mail-archive.com/[email protected]/msg118949.html

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

63.9%

JSON

Related for 47AA4343-44FA-11E5-9DAA-14DAE9D210B8