Main Vulnerability Database SB2017103018

SB2017103018 - Input validation error in jUDDI

Published: October 30, 2017 Updated: August 8, 2020

Security Bulletin ID SB2017103018

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2009-1197)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp.

Install update from vendor's website.