Lucene search

[email protected]NVD:CVE-1999-1124

HistoryDec 31, 1999 - 5:00 a.m.

CVE-1999-1124

1999-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.004

Percentile

74.5%

JSON

HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host.

Affected configurations

Nvd

Node

allairecoldfusion

VendorProductVersionCPE
allairecoldfusion*cpe:2.3:a:allaire:coldfusion:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
allaire	coldfusion	*	cpe:2.3:a:allaire:coldfusion::::::::

References

packetstorm.securify.com/mag/phrack/phrack54/P54-08

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.004

Percentile

74.5%

JSON

Related for NVD:CVE-1999-1124

cvelist1 cve1