4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
83.0%
Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServingEnabled is true, allows remote attackers to obtain JSP source code and other sensitive information via “URIs with special characters.”
secunia.com/advisories/20732
secunia.com/advisories/24478
www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
www-1.ibm.com/support/docview.wss?uid=swg21243541
www.securityfocus.com/bid/18578
www.securityfocus.com/bid/22991
www.vupen.com/english/advisories/2006/2482
www.vupen.com/english/advisories/2007/0970