5
CVE-2010-3700
- EPSS 1.67%
- Veröffentlicht 29.10.2010 19:00:02
- Zuletzt bearbeitet 16.06.2026 23:23:21
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 through 1.0.7, as used in IBM WebSphere Application Server (WAS) 6.1 and 7.0, allows remote attackers to bypass security constraints via a path parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Acegisecurity ≫ Acegi-security Version1.0.0
Acegisecurity ≫ Acegi-security Version1.0.1
Acegisecurity ≫ Acegi-security Version1.0.2
Acegisecurity ≫ Acegi-security Version1.0.3
Acegisecurity ≫ Acegi-security Version1.0.4
Acegisecurity ≫ Acegi-security Version1.0.5
Acegisecurity ≫ Acegi-security Version1.0.6
Acegisecurity ≫ Acegi-security Version1.0.7
VMware ≫ Springsource Spring Security Version2.0.0
VMware ≫ Springsource Spring Security Version2.0.1
VMware ≫ Springsource Spring Security Version2.0.2
VMware ≫ Springsource Spring Security Version2.0.3
VMware ≫ Springsource Spring Security Version2.0.4
VMware ≫ Springsource Spring Security Version2.0.5
VMware ≫ Springsource Spring Security Version3.0.0
VMware ≫ Springsource Spring Security Version3.0.1
VMware ≫ Springsource Spring Security Version3.0.2
VMware ≫ Springsource Spring Security Version3.0.3
Ibm ≫ Websphere Application Server Version6.1
Ibm ≫ Websphere Application Server Version7.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.67% | 0.738 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://osvdb.org/68931
http://secunia.com/advisories/42024
http://www.securityfocus.com/archive/1/514517/100/0/threaded
http://www.securityfocus.com/bid/44496
http://www.springsource.com/security/cve-2010-3700
https://issues.apache.org/bugzilla/show_bug.cgi?id=25015