The version of Jetty installed on the remote host suffers from a potential race condition when creating temporary sub directories. If an co-located attacker wins the race, then they will have read/write privilege to the subdirectory used to unpack web applications, potentially leading to a local privilege escalation vulnerability. Note that the scanner has not tested for this issue but has instead relied only on the applicationβs self-reported version number.
No source data