Test Kennung:	1.3.6.1.4.1.25623.1.0.813552
Kategorie:	Web Servers
Titel:	Eclipse Jetty Server InvalidPathException Information Disclosure Vulnerability - Linux
Zusammenfassung:	Eclipse Jetty Server is prone to an information disclosure vulnerability.
Beschreibung:	Summary: Eclipse Jetty Server is prone to an information disclosure vulnerability. Vulnerability Insight: The flaw exists due to an improper handling of bad queries. Vulnerability Impact: Successful exploitation will allow an attacker to disclose sensitive information. Affected Software/OS: Eclipse Jetty Server versions 9.2.x, 9.3.x before 9.3.24.v20180605 and 9.4.x before 9.4.11.v20180605. Solution: Upgrade to Eclipse Jetty Server version 9.3.24.v20180605 or 9.4.11.v20180605 or later as per the series. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-12536 https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670 https://security.netapp.com/advisory/ntap-20181014-0001/ https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html http://www.securitytracker.com/id/1041194
Copyright	Copyright (C) 2018 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.