WEB APPLICATION VULNERABILITIES Standard & Premium

Jetty Information Disclosure (CVE-2021-34429)

Description

Due to a vulnerability in Jetty's URI normalization, an attacker can access protected resources of the web application.

Remediation

Upgrade to the latest version of Jetty

References

Related Vulnerabilities

WordPress Plugin Debug Log Manager Information Disclosure (2.2.2)

Unrestricted access to Odoo DB manager

WordPress Plugin Easy Author Image Information Disclosure (1.5)

WordPress Plugin Cherry Services List Information Disclosure (1.4.1)

WordPress Plugin W3 Total Cache Information Disclosure (0.9.2.4)

Severity

Medium

Classification

CVE-2021-34429 CVE-2021-28164 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Configuration