|
[Japanese]
|
JVNDB-2010-002467
|
Interstage Application Server Information Disclosure Vulnerability
|
|
Interstage Application Server has an information disclosure vulnerability when used in a J2EE environment.
|
|
Base Metrics:
7.8 (High)
[IPA Score]
- Access Vector: Network
- Access Complexity: Low
- Authentication: None
- Confidentiality Impact: Complete
- Integrity Impact: None
- Availability Impact: None
|
|
|
|
FUJITSU
- Interstage Application Framework Suite
- Interstage Application Server
- Interstage Apworks
- Interstage Business Application Server
- Interstage Job Workload Server
- Interstage Studio
- Interstage Web Server
|
|
|
By taking the specific steps, a remote attacker could access the files and directories in the server to which J2EE applications are deployed, and the confidential information may be disclosed.
|
|
Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
|
|
FUJITSU
|
|
- Information Exposure(CWE-200) [IPA Evaluation]
|
|
|
|
|
|
[2010/12/14]
Web page published
|
