CVE-2005-0425IBM Websphere Application Server vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 42.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Application Server
Timeline
PublishedMay 2
Latest updateMay 1

Description

Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via a crafted URL that causes the page to be processed by the file serving servlet instead of the JSP engine.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/websphere_application_server5.0, 5.1.0, 6.0+2

Patches

Patch: secunia.comPatch: www-1.ibm.comPatch: www-1.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-hxxg-433j-m5fg: Unknown vulnerability in IBM Websphere Application Server 52022-05-01
CVEList
CVE-2005-0425: Unknown vulnerability in IBM Websphere Application Server 52005-02-15
CVE-2005-0425 — IBM vulnerability | cvebase