CVE-2012-2170IBM Websphere Application Server vulnerability

CWE-2643 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 44.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Application Server
Timeline
PublishedJun 20
Latest updateMay 17

Description

The Application Snoop Servlet in IBM WebSphere Application Server 7.0 before 7.0.0.23 does not properly restrict access, which allows remote attackers to obtain sensitive client and request information via a direct request.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-pv56-xrhc-m887: The Application Snoop Servlet in IBM WebSphere Application Server 72022-05-17
CVEList
CVE-2012-2170: The Application Snoop Servlet in IBM WebSphere Application Server 72012-06-20
CVE-2012-2170 — IBM vulnerability | cvebase