HomePentest-Tools.com Logo

Eclipse Jetty Server InvalidPathException Information Disclosure Vulnerability - Windows CVE-2018-12536

Severity
CVSSv3 Score
5.3
Vulnerability description

Eclipse Jetty Server is prone to an information disclosure vulnerability.

Risk description

The flaw exists due to an improper handling of bad queries. Successful exploitation will allow an attacker to disclose sensitive information.

Recommendation

Upgrade to Eclipse Jetty Server version 9.3.24.v20180605 or 9.4.11.v20180605 or later as per the series. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 27, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available