CVE-2003-0628

Published Dec 15, 2003

Last updated 8 years ago

CVSS info 5.0

Overview

Description: PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70B618A8-48AF-4193-BCD8-7B0F24923860"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE31EA39-F6EE-4FC6-A64F-74E1364A84C3"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5611ED3-9504-469C-A33D-D6AB31971BE5"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "030FF50A-1D1D-4D7D-964E-2F2CA3980C27"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D113AFE-BEF6-4557-B814-073F56912667"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9ADCBDC1-C291-4978-95CC-2955AF9F0149"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "623DDE5E-20CF-4002-A532-E1B0171FF0C5"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55820FF1-2A48-4699-8C90-90CBC0C2D6A4"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAD1CF68-901D-4366-81F1-20E561BEB405"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B7B6AF6-2C2B-4186-911A-63D7CCE34E79"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A132448-0960-4878-9947-8F0B07C2E516"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15C45E32-CDEB-4AB2-B3BB-1F399F98E0B7"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "805FBA0A-0B52-4E61-A45C-E2C9AD48E555"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F94A7F77-D984-49BD-B59E-EBBC91C56C66"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD78CC13-C007-4AB1-912E-16B37D1D55CD"
          },
          {
            "criteria": "cpe:2.3:a:peoplesoft:peopletools:8.43:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECCB21D3-4FCB-4F0E-8430-B587512D04ED"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References