Skip to main content

Communications Cloud Native Core Policy

91 CVEs product

Monthly

CVE-2017-9735 Maven HIGH PATCH This Week

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jetty Debian Linux Communications Cloud Native Core Policy Enterprise Manager Base Platform +3
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jetty Debian Linux +5
NVD GitHub
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy