Vulnerabilities > CVE-2010-3300 - Unspecified vulnerability in Owasp Enterprise Security API for Java 2.0

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
high complexity
owasp

Summary

It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.

Vulnerable Configurations

Part Description Count
Application
Owasp
3