- Description
- BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a URL request for testcgi.exe, which lists the values of environment variables and the current working directory.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:brs:webweaver:1.0.1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D45FE3EF-F93A-4CFD-BCF6-789F309EC5B4"
},
{
"criteria": "cpe:2.3:a:brs:webweaver:1.0.2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "ACE92651-0D39-4E96-9BF9-C246604A5CFD"
},
{
"criteria": "cpe:2.3:a:brs:webweaver:1.0.3:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E536B18C-6C47-4A36-B36B-25C7EE8A5DFD"
}
],
"operator": "OR"
}
]
}
]