Lucene search

MitreCVE-2003-0628

HistoryDec 15, 2003 - 5:00 a.m.

CVE-2003-0628

2003-12-1505:00:00

mitre

web.nvd.nist.gov

cve

peoplesoft

gateway administration

servlet

peopletools 8.43

security vulnerability

nvd

ssi files

remote attackers

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.013

Percentile

86.3%

JSON

PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value.

Affected configurations

Nvd

Node

peoplesoftpeopletoolsMatch8.4

peoplesoftpeopletoolsMatch8.10

peoplesoftpeopletoolsMatch8.11

peoplesoftpeopletoolsMatch8.12

peoplesoftpeopletoolsMatch8.13

peoplesoftpeopletoolsMatch8.14

peoplesoftpeopletoolsMatch8.15

peoplesoftpeopletoolsMatch8.16

peoplesoftpeopletoolsMatch8.17

peoplesoftpeopletoolsMatch8.18

peoplesoftpeopletoolsMatch8.19

peoplesoftpeopletoolsMatch8.20

peoplesoftpeopletoolsMatch8.40

peoplesoftpeopletoolsMatch8.41

peoplesoftpeopletoolsMatch8.42

peoplesoftpeopletoolsMatch8.43

VendorProductVersionCPE
peoplesoftpeopletools8.4cpe:2.3:a:peoplesoft:peopletools:8.4:*:*:*:*:*:*:*
peoplesoftpeopletools8.10cpe:2.3:a:peoplesoft:peopletools:8.10:*:*:*:*:*:*:*
peoplesoftpeopletools8.11cpe:2.3:a:peoplesoft:peopletools:8.11:*:*:*:*:*:*:*
peoplesoftpeopletools8.12cpe:2.3:a:peoplesoft:peopletools:8.12:*:*:*:*:*:*:*
peoplesoftpeopletools8.13cpe:2.3:a:peoplesoft:peopletools:8.13:*:*:*:*:*:*:*
peoplesoftpeopletools8.14cpe:2.3:a:peoplesoft:peopletools:8.14:*:*:*:*:*:*:*
peoplesoftpeopletools8.15cpe:2.3:a:peoplesoft:peopletools:8.15:*:*:*:*:*:*:*
peoplesoftpeopletools8.16cpe:2.3:a:peoplesoft:peopletools:8.16:*:*:*:*:*:*:*
peoplesoftpeopletools8.17cpe:2.3:a:peoplesoft:peopletools:8.17:*:*:*:*:*:*:*
peoplesoftpeopletools8.18cpe:2.3:a:peoplesoft:peopletools:8.18:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
peoplesoft	peopletools	8.4	cpe:2.3:a:peoplesoft:peopletools:8.4:::::::*
peoplesoft	peopletools	8.10	cpe:2.3:a:peoplesoft:peopletools:8.10:::::::*
peoplesoft	peopletools	8.11	cpe:2.3:a:peoplesoft:peopletools:8.11:::::::*
peoplesoft	peopletools	8.12	cpe:2.3:a:peoplesoft:peopletools:8.12:::::::*
peoplesoft	peopletools	8.13	cpe:2.3:a:peoplesoft:peopletools:8.13:::::::*
peoplesoft	peopletools	8.14	cpe:2.3:a:peoplesoft:peopletools:8.14:::::::*
peoplesoft	peopletools	8.15	cpe:2.3:a:peoplesoft:peopletools:8.15:::::::*
peoplesoft	peopletools	8.16	cpe:2.3:a:peoplesoft:peopletools:8.16:::::::*
peoplesoft	peopletools	8.17	cpe:2.3:a:peoplesoft:peopletools:8.17:::::::*
peoplesoft	peopletools	8.18	cpe:2.3:a:peoplesoft:peopletools:8.18:::::::*

Rows per page:

1-10 of 161

References

marc.info/?l=bugtraq&m=106874146204158&w=2

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.013

Percentile

86.3%

JSON

Related for CVE-2003-0628