7.5
CVE-2000-0497
- EPSS 3.07%
- Veröffentlicht 08.06.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Websphere Application Server Version3.0.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.07% | 0.859 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-178 Improper Handling of Case Sensitivity
The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.
http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0263.html
http://www-4.ibm.com/software/webservers/appserv/efix.html
http://www.securityfocus.com/bid/1328