CVE-2021-28169
published 2021-06-09CVE-2021-28169: For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected…
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EXPLOIT
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | jetty9 | < jetty9 9.4.39-2 (bookworm) | jetty9 9.4.39-2 (bookworm) |
| eclipse | jetty | < 9.4.41 | 9.4.41 |
| eclipse | jetty | >= 10.0.0 < 10.0.3 | 10.0.3 |
| eclipse | jetty | >= 11.0.0 < 11.0.3 | 11.0.3 |
| oracle | communications_cloud_native_core_policy | — | — |
| oracle | rest_data_services | < 21.3 | 21.3 |
| the_eclipse_foundation | eclipse_jetty | unspecified – 9.4.40 | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
osv5.3MEDIUM
vulncheck5.3MEDIUM