CVE-2009-0274 — Sensitive Information Exposure in Groupwise

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 41.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Groupwise

Timeline

PublishedFeb 3

Latest updateMay 2

Description

Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 might allow remote attackers to obtain sensitive information via a crafted URL, related to conversion of POST requests to GET requests.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDnovell/groupwise6 versions+5

🔴Vulnerability Details

GHSA

GHSA-g4r3-m6vr-hjpq: Unspecified vulnerability in WebAccess in Novell GroupWise 6↗2022-05-02

▶

CVEList

CVE-2009-0274: Unspecified vulnerability in WebAccess in Novell GroupWise 6↗2009-02-03

▶