Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2013-3734
HistoryOct 24, 2017 - 3:00 p.m.

CVE-2013-3734

2017-10-2415:00:00
mitre
www.cve.org
6

AI Score

6.3

Confidence

High

EPSS

0.002

Percentile

61.6%

JSON

The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses, which might allow (1) man-in-the-middle attackers to obtain sensitive information by leveraging failure to use SSL or (2) attackers to obtain sensitive information by reading the HTML source code. NOTE: the vendor says that this does not cross a trust boundary and that it is recommended best-practice that SSL is configured for the administrative console

Related

packetstorm 1
cve 1
nvd 1
prion 1
seebug 1
securityvulns 2
packetstorm
packetstorm
JBoss AS Administrative Console Password Disclosure
2013-06-06 00:00:00
cve
cve
CVE-2013-3734
2017-10-24 15:29:00
nvd
nvd
CVE-2013-3734
2017-10-24 15:29:00
prion
prion
Input validation
2017-10-24 15:29:00
seebug
seebug
Red Hat JBoss Application Server 密码信息泄露漏洞(CVE-2013-3734)
2013-06-26 00:00:00
securityvulns
securityvulns
CVE-2013-3734 - JBoss AS Administration Console - Password Returned in Later Response
2013-07-19 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2013-07-19 00:00:00

AI Score

6.3

Confidence

High

EPSS

0.002

Percentile

61.6%

JSON
Related for CVELIST:CVE-2013-3734
packetstorm1cve1nvd1prion1seebug1securityvulns2