CVE-2019-10247

CVSS V2 Medium 5 CVSS V3 Medium 5.3
Description
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.
Overview
  • CVE ID
  • CVE-2019-10247
  • Assigner
  • emo@eclipse.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2019-04-22T20:29:00
  • Last Modified Date
  • 2022-04-22T20:09:00
Weakness Enumerations
CWE URL
CWE-200 http://cwe.mitre.org/data/definitions/200.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:eclipse:jetty:7.0.0:20091005:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_3:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:maintenance_4:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:rc3:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:rc4:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:rc5:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.0:rc6:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.1:20091125:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.2:20100331:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.0.2:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.1.0:20100505:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.1.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.1.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.1.1:20100517:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.1.2:20100523:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.1.3:20100526:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.1.4:20100610:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.1.5:20100705:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.1.6:20100715:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.2.0:20101020:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.2.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.2.1:20101111:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.2.2:20101205:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.3.0:20110203:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.3.1:20110307:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.4.0:20110414:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.4.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.4.1:20110513:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.4.2:20110526:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.4.3:20110630:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.4.3:20110701:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.4.4:20110707:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.4.5:20110725:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.5.0:20110901:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.5.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.5.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.5.0:rc2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.5.1:20110908:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.5.2:20111006:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.5.3:20111011:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.5.4:20111024:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.0:20120125:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.0:20120127:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.0:rc2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.0:rc3:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.0:rc4:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.0:rc5:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.1:20120215:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.2:20120302:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.2:20120308:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.3:20120413:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.3:20120416:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.4:20120522:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.4:20120524:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.5:20120713:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.5:20120716:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.6:20120903:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.7:20120910:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.8:20121106:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.9:20130131:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.10:20130312:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.11:20130520:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.11:20130725:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.12:20130726:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.13:20130910:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.13:20130916:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.14:20131031:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.15:20140411:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.16:20140903:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.17:20150415:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.18:20150929:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.19:20160209:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.20:20160902:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:7.6.21:20160908:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.0.0:20110901:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.0.0:maintenance_3:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.0.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.0.1:20110908:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.0.2:20111006:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.0.3:20111011:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.0.4:20111024:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.0:20120127:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.0:rc2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.0:rc4:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.0:rc5:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.1:20120215:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.2:20120302:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.2:20120308:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.3:20120416:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.4:20120524:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.5:20120713:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.5:20120716:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.6:20120903:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.7:20120910:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.8:20121106:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.9:20130131:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.10:20130312:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.11:20130520:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.12:20130725:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.12:20130726:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.13:20130910:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.13:20130916:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.14:20131031:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.15:20140411:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.16:20140903:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.17:20150415:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.18:20150929:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.19:20160209:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.20:20160902:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.21:20160908:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.1.22:20160922:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:8.2.0:20160908:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:20130308:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:m5:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_3:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_4:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:maintenance_5:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:rc2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.0:rc3:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.1:20130408:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.2:20130417:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.2:20140415:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.3:20130506:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.4:20130621:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.4:20130625:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.5:20130813:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.5:20130815:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.6:20130919:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.6:20130930:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.7:20131031:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.0.7:20131107:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.0:20131115:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.0:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.0:rc2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.1:20140108:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.2:20140210:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.3:20140225:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.4:20140401:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.5:20140505:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.6:20151106:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.1.6:20160112:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.0:20140523:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.0:20140526:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.0:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.0:maintenance_1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.1:20140609:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.2:20140723:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.3:20140905:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.4:20141103:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.5:20141112:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.6:20141203:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.6:20141205:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.7:20150116:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.8:20150217:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.9:20150224:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.10:20150310:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.11:20150528:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.11:20150529:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.11:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.12:20150709:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.12:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.13:20150730:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.14:20151106:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.15:20160210:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.16:20160407:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.16:20160414:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.17:20160517:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.18:20160721:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.19:20160908:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.20:20161216:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.21:20170120:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.22:20170606:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.23:20171218:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.24:20180105:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.25:20180606:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.26:20180806:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.2.27:20190403:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.0:20150601:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.0:20150608:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.0:20150612:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.0:maintenance0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.0:maintenance1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.0:maintenance2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.1:20150714:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.2:20150730:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.3:20150825:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.3:20150827:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.4:20151005:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.4:20151007:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.4:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.4:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.5:20151012:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.6:20151106:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.7:20160115:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.7:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.7:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.8:20160311:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.8:20160314:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.8:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.9:20160517:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.9:maintenance_1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.10:20160621:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.10:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.11:20160721:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.11:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.12:20160915:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.13:20161014:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.13:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.14:20161028:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.15:20161220:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.16:20170119:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.16:20170120:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.17:20170317:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.17:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.18:20170406:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.19:20170502:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.20:20170531:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.21:20170918:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.21:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.21:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.22:20171030:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.23:20180228:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.24:20180605:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.25:20180904:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.3.26:20190403:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.0:20161207:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.0:20161208:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.0:20180619:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.0:maintenance_1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.0:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.0:rc2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.0:rc3:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.1:20170120:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.1:20180619:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.2:20170220:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.2:20180619:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.3:20170317:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.3:20180619:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.4:20170410:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.4:20170414:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.4:20180619:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.5:20170502:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.5:20180619:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.7:20170914:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.7:20180619:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.7:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.8:20171121:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.8:20180619:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.9:20180320:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.10:20180503:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.10:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.10:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.12:20180830:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.12:rc0:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.12:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.12:rc2:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.13:20181111:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.14:20181114:*:*:*:*:*:* 1 OR
cpe:2.3:a:eclipse:jetty:9.4.15:20190215:*:*:*:*:*:* 1 OR
cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* 1 OR 3.0 3.1.3
cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:* 1 OR
cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:sap:*:* 1 OR
cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:* 1 OR 9.6
cpe:2.3:a:netapp:storage_services_connector:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:* 1 OR 9.6
cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:* 1 OR 9.6
cpe:2.3:o:netapp:element:-:*:*:*:*:vcenter_server:*:* 1 OR
cpe:2.3:a:oracle:autovue:21.0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_services_gatekeeper:6.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_services_gatekeeper:6.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:flexcube_core_banking:*:*:*:*:*:*:*:* 1 OR 11.5.0 11.7.0
cpe:2.3:a:oracle:flexcube_core_banking:5.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:fmw_platform:12.2.1.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:fmw_platform:12.2.1.4.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:unified_directory:12.2.1.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:unified_directory:12.2.1.4.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:N/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • LOW
  • Availability Impact
  • NONE
  • Base Score
  • 5.3
  • Base Severity
  • MEDIUM
  • Exploitability Score
  • 3.9
  • Impact Score
  • 1.4
References
Reference URL Reference Tags
https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577 Issue Tracking Vendor Advisory
https://security.netapp.com/advisory/ntap-20190509-0003/ Third Party Advisory
https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E Mailing List Third Party Advisory
https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E Mailing List Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html Third Party Advisory
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E Mailing List Third Party Advisory
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E Mailing List Third Party Advisory
https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E Mailing List Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2020.html Third Party Advisory
https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E Mailing List Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.debian.org/security/2021/dsa-4949
https://www.oracle.com/security-alerts/cpuapr2022.html
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2019-10247
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247
History
Created Old Value New Value Data Type Notes
2022-04-20 17:00:14 Added to TrackCVE
2022-12-03 19:50:56 security@eclipse.org emo@eclipse.org CVE Assigner updated
2022-12-03 19:50:56 2019-04-22T20:29Z 2019-04-22T20:29:00 CVE Published Date updated
2022-12-03 19:50:56 2022-04-22T20:09:00 CVE Modified Date updated
2022-12-03 19:50:56 Analyzed Vulnerability Status updated