CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
62.0%
Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories.
Vendor | Product | Version | CPE |
---|---|---|---|
netscape | enterprise_server | 3.5 | cpe:2.3:a:netscape:enterprise_server:3.5:*:*:*:*:*:*:* |
netscape | enterprise_server | 3.6 | cpe:2.3:a:netscape:enterprise_server:3.6:*:*:*:*:*:*:* |