1. Home
  2. Vulnerabilities
  3. CVE-2015-3198

CVE-2015-3198

CVSS v3.0 7.5 (High)
75% Progress
CVSS v2.0 5 (Medium)
50% Progress
EPSS 0.28 % (68th)
0.28% Progress
Affected Products 1
Advisories 1
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Graph Web & Social Timeline

The Undertow module of WildFly 9.x before 9.0.0.CR2 and 10.x before 10.0.0.Alpha1 allows remote attackers to obtain the source code of a JSP page via a "/" at the end of a URL.

Weaknesses
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2017-07-21 14:29:00
(7 years ago)
Updated Date
2017-08-07 16:43:17
(7 years ago)

Affected Products

Redhat

Configuration #1

    CPE23 From Up To
  Redhat Jboss Wildfly Application Server 9.0.0 Beta1 cpe:2.3:a:redhat:jboss_wildfly_application_server:9.0.0:beta1
  Redhat Jboss Wildfly Application Server 9.0.0 Beta2 cpe:2.3:a:redhat:jboss_wildfly_application_server:9.0.0:beta2
  Redhat Jboss Wildfly Application Server 9.0.0 Cr1 cpe:2.3:a:redhat:jboss_wildfly_application_server:9.0.0:cr1