Lucene search
K

6 matches found

Nuclei
Nuclei
added 14 hours ago239 views

Oracle iPlanet Web Server 7.0.x - Authentication Bypass

Oracle iPlanet Web Server 7.0.x has incorrect access control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE a related support policy can be found in the www.oracle.com references attached to this CVE. id:...

7.5CVSS6.5AI score0.81814EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:35 p.m.12 views

CVE-2020-9315

PRODUCT NOT SUPPORTED WHEN ASSIGNED Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references...

7.5CVSS6.6AI score0.81814EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2021/02/23 12:0 a.m.29 views

Oracle iPlanet Web Server Authentication Bypass (CVE-2020-9315)

An authentication bypass vulnerability exists in Oracle iPlanet Web Server. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...

5CVSS4.8AI score0.81814EPSS
Exploits0
ThreatPost
ThreatPost
added 2020/05/11 8:19 p.m.89 views

Unpatched Bugs in Oracle iPlanet Open Door to Info-Disclosure, Injection

A pair of vulnerabilities in Oracle’s iPlanet Web Server have been disclosed that can lead to sensitive data exposure and image injections onto web pages if exploited. However, no patch is forthcoming for either flaw. The bugs CVE-2020-9315 and CVE-2020-9314 are specifically found in the web...

9.3CVSS6.9AI score0.81814EPSS
Exploits0References8
OSV
OSV
added 2020/05/10 11:15 p.m.6 views

CVE-2020-9315

PRODUCT NOT SUPPORTED WHEN ASSIGNED Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references...

7.5CVSS6.4AI score0.81814EPSS
Exploits0References4
CVE
CVE
added 2020/05/10 10:23 p.m.117 views

CVE-2020-9315

Oracle iPlanet Web Server 7.0.x is affected by two CVEs. CVE-2020-9315: authentication bypass via incorrect access control on admingui/version URIs, enabling unauthenticated read access to encryption keys. CVE-2020-9314: image injection via productNameSrc in the admingui, stemming from an incompl...

7.5CVSS7.2AI score0.81814EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder