PT-2000-1435 · Ibm · Ibm Websphere Server
Published
2000-06-08
·
Updated
2024-01-26
·
CVE-2000-0497
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM WebSphere server version 3.0.2
Description
The issue allows a remote attacker to view the source code of a JSP program. This can be achieved by requesting a URL that provides the JSP extension in upper case.
Recommendations
For IBM WebSphere server version 3.0.2, consider restricting access to JSP files or modifying the server configuration to handle JSP extensions in a case-insensitive manner until a fix is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Websphere Server