5
CVE-2002-1592
- EPSS 5.14%
- Published 06.05.2002 04:00:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.
Data is provided by the National Vulnerability Database (NVD)
Apache ≫ HTTP Server Version2.0
Apache ≫ HTTP Server Version2.0.28
Apache ≫ HTTP Server Version2.0.32
Apache ≫ HTTP Server Version2.0.35
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.14% | 0.895 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|