Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Apache Subscribe
Filtered by product Jserv
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-1247 1 Apache 1 Jserv 2017-08-28 2.1 LOW N/A
The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI.