Lucene search
Redhat.comRH:CVE-2007-5614HistoryOct 04, 2019 - 9:10 p.m.
CVE-2007-5614
2019-10-0421:10:06
redhat.com
access.redhat.com
7
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.03
Percentile
91.1%
Mortbay Jetty before 6.1.6rc1 does not properly handle “certain quote sequences” in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.
Related
cvelist
cvelist
CVE-2007-5614
2007-12-05 11:00:00
cve
cve
CVE-2007-5614
2007-12-05 11:46:00
github
github
Improper Authentication in Mortbay Jetty
2022-05-01 18:35:01
osv
osv
Improper Authentication in Mortbay Jetty
2022-05-01 18:35:01
veracode
veracode
Session Hijacking
2018-11-15 01:29:46
prion
prion
Hardcoded credentials
2007-12-05 11:46:00
nvd
nvd
CVE-2007-5614
2007-12-05 11:46:00
cert
cert
Mortbay Jetty fails to properly handle cookies with quotes
2007-12-04 00:00:00
openvas
openvas
Fedora Update for jetty FEDORA-2008-6164
2009-02-17 00:00:00
Fedora Update for jetty FEDORA-2008-6141
2009-02-17 00:00:00
FreeBSD Ports: jetty
2008-09-04 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: jetty-5.1.14-1jpp.2.fc9
2008-07-06 06:16:00
[SECURITY] Fedora 8 Update: jetty-5.1.14-1jpp.1.fc8
2008-07-06 06:17:49
freebsd
freebsd
jetty -- multiple vulnerabilities
2007-12-05 00:00:00
nessus
nessus
FreeBSD : jetty -- multiple vulnerabilities (6ae7cef2-a6ae-11dc-95e6-000c29c5647f)
2007-12-11 00:00:00
Fedora 9 : jetty-5.1.14-1jpp.2.fc9 (2008-6141)
2008-07-08 00:00:00
Fedora 8 : jetty-5.1.14-1jpp.1.fc8 (2008-6164)
2008-07-08 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.03
Percentile
91.1%
Related for RH:CVE-2007-5614