Exploit for #VU11844 Information disclosure in Jetty

Exploit for #VU11844 Information disclosure in Jetty

Published: 2020-03-18 | Updated: 2021-06-17

Vulnerability identifier: #VU11844

Vulnerability risk: Low

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2015-2080

CWE-ID: CWE-200

Exploitation vector: Network

Exploits in database: 3

June 17, 2021
- Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak [Exploit-DB]
March 18, 2020
- CVE-2015-2080 (Exploitation and validation tool for CVE 2015-2080 AKA "JetBlead") [Github]
- Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers [Exploit-DB]

Impact: Information disclosure

Vulnerable software:
Jetty
Server applications / Web servers

Vendor: Eclipse