CVE-2014-3526

Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers to obtain sensitive information via vectors involving identifiers for storing page markup for temporary user sessions.
References
Link Resource
https://wicket.apache.org/news/2014/09/22/cve-2014-3526.html Issue Tracking Third Party Advisory
https://wicket.apache.org/news/2014/09/22/cve-2014-3526.html Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:wicket:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.7.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.8.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.9.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.9.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.10.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.11.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.12.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.13.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.14.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.15.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:6.16.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:7.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:apache:wicket:7.0.0:milestone2:*:*:*:*:*:*

History

21 Nov 2024, 02:08

Type Values Removed Values Added
References () https://wicket.apache.org/news/2014/09/22/cve-2014-3526.html - Issue Tracking, Third Party Advisory () https://wicket.apache.org/news/2014/09/22/cve-2014-3526.html - Issue Tracking, Third Party Advisory

Information

Published : 2017-10-30 14:29

Updated : 2024-11-21 02:08


NVD link : CVE-2014-3526

Mitre link : CVE-2014-3526

CVE.ORG link : CVE-2014-3526


JSON object : View

Products Affected

apache

  • wicket
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor