Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters.
References
Link | Resource |
---|---|
http://secunia.com/advisories/12011 | Broken Link Patch Vendor Advisory |
http://www.mbedthis.com/products/appWeb/doc/product/newFeatures.html | Broken Link |
http://www.osvdb.org/7391 | Broken Link Patch |
http://www.securityfocus.com/bid/10673 | Broken Link Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16638 | Third Party Advisory VDB Entry |
http://secunia.com/advisories/12011 | Broken Link Patch Vendor Advisory |
http://www.mbedthis.com/products/appWeb/doc/product/newFeatures.html | Broken Link |
http://www.osvdb.org/7391 | Broken Link Patch |
http://www.securityfocus.com/bid/10673 | Broken Link Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16638 | Third Party Advisory VDB Entry |
Configurations
History
20 Nov 2024, 23:52
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/12011 - Broken Link, Patch, Vendor Advisory | |
References | () http://www.mbedthis.com/products/appWeb/doc/product/newFeatures.html - Broken Link | |
References | () http://www.osvdb.org/7391 - Broken Link, Patch | |
References | () http://www.securityfocus.com/bid/10673 - Broken Link, Patch, Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/16638 - Third Party Advisory, VDB Entry |
08 Feb 2024, 02:12
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mbedthis
Mbedthis appweb Http Server |
|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-178 | |
References | (CONFIRM) http://www.mbedthis.com/products/appWeb/doc/product/newFeatures.html - Broken Link | |
References | (OSVDB) http://www.osvdb.org/7391 - Broken Link, Patch | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/16638 - Third Party Advisory, VDB Entry | |
References | (BID) http://www.securityfocus.com/bid/10673 - Broken Link, Patch, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/12011 - Broken Link, Patch, Vendor Advisory | |
CPE | cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:1.1.2:*:*:*:*:*:*:* cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:1.0:*:*:*:*:*:*:* cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:1.0.1:*:*:*:*:*:*:* cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:1.1:*:*:*:*:*:*:* cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:1.1.1:*:*:*:*:*:*:* cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:1.0.4:*:*:*:*:*:*:* cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:1.0.3:*:*:*:*:*:*:* |
cpe:2.3:a:mbedthis:appweb_http_server:*:*:*:*:*:*:*:* |
Information
Published : 2004-12-31 05:00
Updated : 2024-11-20 23:52
NVD link : CVE-2004-2214
Mitre link : CVE-2004-2214
CVE.ORG link : CVE-2004-2214
JSON object : View
Products Affected
mbedthis
- appweb_http_server
CWE
CWE-178
Improper Handling of Case Sensitivity