Oracle iPlanet Web Server 7.0.27

CPE Details

Oracle iPlanet Web Server 7.0.27
oracle
iplanet_web_server
7.0.27
2020-05-14
17h43 +00:00
2020-05-14
17h43 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:oracle:iplanet_web_server:7.0.27:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

iplanet_web_server

Version

7.0.27

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-9314 2020-05-10 20h23 +00:00 ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE.
4.8
Moyen
CVE-2020-9315 2020-05-10 20h23 +00:00 ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE.
7.5
Haute