Lucene search

PRIOn knowledge basePRION:CVE-2007-5614

HistoryDec 05, 2007 - 11:46 a.m.

Hardcoded credentials

2007-12-0511:46:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.3%

JSON

Mortbay Jetty before 6.1.6rc1 does not properly handle “certain quote sequences” in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.

CPENameOperatorVersion
jettyeq4.0
jettyeq4.1
jettyeq3.0
jettyeq3.1
jettyeq1.0
jettyeq4.2
jettyeq5
jettyeq2.4
jettyeq6
jettyeq5.1

Name	Operator	Version
jetty	eq	4.0
jetty	eq	4.1
jetty	eq	3.0
jetty	eq	3.1
jetty	eq	1.0
jetty	eq	4.2
jetty	eq	5
jetty	eq	2.4
jetty	eq	6
jetty	eq	5.1

Rows per page:

1-10 of 111

References

osvdb.org/42496

secunia.com/advisories/27925

secunia.com/advisories/30941

secunia.com/advisories/35143

svn.codehaus.org/jetty/jetty/trunk/VERSION.txt

www.kb.cert.org/vuls/id/438616

www.securityfocus.com/bid/26695

www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html

6.6 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.3%

JSON

Related for PRION:CVE-2007-5614