Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:13516
HistoryMar 25, 2019 - 8:40 a.m.

Insecure Variable Comparison

2019-03-2508:40:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.0%

Caucho Quercus uses an insecure variable comparison. When using the == operator for comparison of variables of various types, there is a possibility of variable comparisons to always result in a TRUE state.

CPENameOperatorVersion
resin application servereq3.0.9

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.0%

Related for VERACODE:13516