3.0.21

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

ibm

exploit available

NVD

Published: 2000-07-24

Updated: 2017-10-10

Summary

IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Websphere Application Server 2.0 IBM Websphere Application Server 3.0 IBM Websphere Application Server 3.0.21	3

Exploit-Db

description	IBM Websphere Application Server 2.0./3.0/3.0.2 .1 Showcode Vulnerability. CVE-2000-0652 . Remote exploits for multiple platform
id	EDB-ID:20097
last seen	2016-02-02
modified	2000-07-24
published	2000-07-24
reporter	Shreeraj Shah
source	https://www.exploit-db.com/download/20097/
title	IBM Websphere Application Server 2.0./3.0/3.0.2.1 - Showcode Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References