In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eclipse jetty 9.2.27 |
||
eclipse jetty 9.3.26 |
||
eclipse jetty 9.4.16 |
||
netapp snap creator framework - |
||
netapp snapcenter - |
||
netapp oncommand system manager |
||
netapp snapmanager - |
||
netapp storage services connector - |
||
netapp virtual storage console |
||
netapp virtual storage console 9.6 |
||
netapp storage replication adapter for clustered data ontap |
||
netapp storage replication adapter for clustered data ontap 9.6 |
||
netapp vasa provider for clustered data ontap |
||
netapp vasa provider for clustered data ontap - |
||
netapp element - |
||
oracle retail xstore point of service 15.0 |
||
oracle flexcube private banking 12.1.0 |
||
oracle retail xstore point of service 7.1 |
||
oracle flexcube private banking 12.0.0 |
||
oracle flexcube core banking 5.2.0 |
||
oracle hospitality guest access 4.2.0 |
||
oracle hospitality guest access 4.2.1 |
||
oracle retail xstore point of service 16.0 |
||
oracle endeca information discovery integrator 3.2.0 |
||
oracle enterprise manager base platform 13.3 |
||
oracle enterprise manager base platform 13.2 |
||
oracle data integrator 12.2.1.3.0 |
||
oracle unified directory 12.2.1.3.0 |
||
oracle unified directory 12.2.1.4.0 |
||
oracle communications element manager 8.2.0 |
||
oracle communications element manager 8.1.1 |
||
oracle retail xstore point of service 17.0 |
||
oracle communications element manager 8.1.0 |
||
oracle communications element manager 8.0.0 |
||
oracle rest data services 12.2.0.1 |
||
oracle rest data services 12.1.0.2 |
||
oracle rest data services 11.2.0.4 |
||
oracle rest data services 18c |
||
oracle flexcube core banking |
||
oracle communications services gatekeeper 7.0 |
||
oracle data integrator 12.2.1.4.0 |
||
oracle communications session report manager 8.1.1 |
||
oracle communications session report manager 8.2.0 |
||
oracle communications session route manager 8.1.1 |
||
oracle communications session route manager 8.2.0 |
||
oracle communications analytics 12.1.1 |
||
oracle communications session route manager 8.0.0 |
||
oracle communications session route manager 8.1.0 |
||
oracle communications session report manager 8.0.0 |
||
oracle communications session report manager 8.1.0 |
||
oracle autovue 21.0.2 |
||
oracle communications services gatekeeper 6.0 |
||
oracle communications services gatekeeper 6.1 |