Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-4404
HistoryNov 19, 2011 - 3:58 a.m.

CVE-2011-4404

2011-11-1903:58:55
CWE-16
[email protected]
web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

9.4 High

AI Score

Confidence

High

0.966 High

EPSS

Percentile

99.6%

JSON

The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523.

Affected configurations

NVD
Node
vmwarevcenter_update_managerMatch4.0
OR
vmwarevcenter_update_managerMatch4.0update_1
OR
vmwarevcenter_update_managerMatch4.0update_2
OR
vmwarevcenter_update_managerMatch4.0update_3
OR
vmwarevcenter_update_managerMatch4.1
OR
vmwarevcenter_update_managerMatch4.1update_1

Related

prion 2
ubuntucve 2
cve 2
cvelist 2
nessus 7
vmware 3
seebug 1
checkpoint_advisories 1
securityvulns 5
packetstorm 1
exploitpack 1
veracode 1
openvas 9
osv 1
nvd 1
github 1
fedora 3
exploitdb 1
ibm 2
oracle 1
prion
prion
Directory traversal
2011-11-19 03:58:00
Directory traversal
2009-05-05 17:30:00
ubuntucve
ubuntucve
CVE-2011-4404
2011-11-19 00:00:00
CVE-2009-1523
2009-05-05 00:00:00
cve
cve
CVE-2011-4404
2011-11-19 03:58:55
CVE-2009-1523
2009-05-05 17:30:00
cvelist
cvelist
CVE-2011-4404
2011-11-19 02:00:00
CVE-2009-1523
2009-05-05 17:00:00
nessus
nessus
VMware vCenter Update Manager Directory Traversal (VMSA-2011-0014)
2011-11-28 00:00:00
openSUSE Security Update : jetty5 (jetty5-1531)
2009-11-11 00:00:00
Mandriva Linux Security Advisory : jetty5 (MDVSA-2009:291)
2009-10-30 00:00:00
vmware
vmware
VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability
2011-11-17 00:00:00
VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities
2010-07-19 00:00:00
VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities
2010-07-19 00:00:00
seebug
seebug
Jetty Web Serverไธๆ˜Ž็ป†่Š‚็›ฎๅฝ•้ๅŽ†ๆผๆดž
2011-11-21 00:00:00
checkpoint_advisories
checkpoint_advisories
VMware Update Manager Directory Traversal (CVE-2011-4404)
2012-09-04 00:00:00
securityvulns
securityvulns
Jetty Web server / VMware vCenter directory traversal
2011-11-20 00:00:00
VMSA-2011-0014 VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability
2011-11-20 00:00:00
[security bulletin] HPSBMA02553 SSRT100184 rev.1 - HP Insight Control Server Migration for Windows, Local and Remote Unauthorized Access to Data, Remote Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS)
2010-07-18 00:00:00
packetstorm
packetstorm
VMware Update Manager Directory Traversal
2011-11-21 00:00:00
exploitpack
exploitpack
VMware - Update Manager Directory Traversal
2011-11-21 00:00:00
veracode
veracode
Directory Traversal
2018-11-08 06:30:45
openvas
openvas
Mandriva Security Advisory MDVSA-2009:291 (jetty5)
2009-11-11 00:00:00
Mandriva Security Advisory MDVSA-2009:291 (jetty5)
2009-11-11 00:00:00
Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
2009-05-04 00:00:00
osv
osv
Directory traversal in Mort Bay Jetty
2022-05-02 03:26:04
nvd
nvd
CVE-2009-1523
2009-05-05 17:30:00
github
github
Directory traversal in Mort Bay Jetty
2022-05-02 03:26:04
fedora
fedora
[SECURITY] Fedora 9 Update: jetty-5.1.15-3.fc9
2009-05-26 07:55:49
[SECURITY] Fedora 11 Update: jetty-5.1.15-4.fc11
2009-05-26 07:56:18
[SECURITY] Fedora 10 Update: jetty-5.1.15-3.fc10
2009-05-26 07:57:22
exploitdb
exploitdb
VMware - Update Manager Directory Traversal
2011-11-21 00:00:00
ibm
ibm
Security Bulletin: Jetty vulnerabilities found in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2011-4461, CVS-2009-4612, CVE-2009-4611, CVE-2009-4610, CVS-2009-4609, CVE-2009-1524, CVE-2009-1523)
2020-02-11 18:29:33
Security Bulletin: Provision to add https and Secure Flag to bayeux_browser cookie for IBM Control Desk.
2022-09-19 20:54:31
oracle
oracle
09-07 CPU Advisory
2009-07-14 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

9.4 High

AI Score

Confidence

High

0.966 High

EPSS

Percentile

99.6%

JSON
Related for NVD:CVE-2011-4404
prion2ubuntucve2cve2cvelist2nessus7vmware3seebug1checkpoint_advisories1securityvulns5packetstorm1exploitpack1veracode1openvas9osv1nvd1github1fedora3exploitdb1ibm2oracle1