Vulnerabilities > CVE-2021-3688 - Unspecified vulnerability in Redhat Jboss Core Services Httpd 2.4.23/2.4.29/2.4.37
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 13 |