CVE-2023-0100

EPSS 0.34%
Published 15.03.2023 15:15:09
Last modified 27.02.2025 15:15:35
Source emo@eclipse.org
Teams watchlist Login
Open Login

In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter (e.g. __report=http://xyz.com/report.rptdesign). If the host indicated in the __report parameter matched the HTTP Host header value, the report would be retrieved. However, the Host header can be tampered with on some configurations where no virtual hosts are put in place (e.g. in the default configuration of Apache Tomcat) or when the default host points to the BIRT server. This vulnerability was patched on Eclipse BIRT 4.13.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Eclipse ≫ Business Intelligence And Reporting Tools Version >= 2.6.2 < 4.13.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.34%	0.534

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://bugs.eclipse.org/bugs/show_bug.cgi?id=580391

Vendor Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2023-0100

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-0100

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-0100

EUVD