CVE-2021-28164

high-risk

Published 2021-04-01

In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.

Do I need to act?

93.5% chance of exploitation in next 30 days

EPSS score — higher than 7% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

50438

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.3/10 Medium

NETWORK / LOW complexity

Affected Products (20)

Jetty

Cloud Manager

E-Series Performance Analyzer

E-Series Santricity Os Controller

E-Series Santricity Web Services

Element Plug-In For Vcenter Server

Santricity Cloud Connector

Snapcenter

Snapcenter Plug-In

Storage Replication Adapter For Clustered Data Ontap

Vasa Provider For Clustered Data Ontap

Virtual Storage Console

Autovue For Agile Product Lifecycle Management

Banking Apis

Banking Digital Experience

Communications Session Route Manager

Siebel Core - Automation

Affected Vendors

Oracle Netapp Eclipse

References (50)

Exploit http://packetstormsecurity.com/files/164590/Jetty-9.4.37.v20210219-Information-D...

Mitigation https://github.com/eclipse/jetty.project/security/advisories/GHSA-v7ff-8wcx-gmc5

https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9...

https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc0...

https://lists.apache.org/thread.html/r2a3ea27cca2ac7352d392b023b72e824387bc9ff16...

https://lists.apache.org/thread.html/r2ea2f0541121f17e470a0184843720046c59d4bde6...

https://lists.apache.org/thread.html/r3c55b0baa4dc38958ae147b2f216e212605f107129...

https://lists.apache.org/thread.html/r4a66bfbf62281e31bc1345ebecbfd96f35199eecd7...

https://lists.apache.org/thread.html/r4b1fef117bccc7f5fd4c45fd2cabc26838df823fe5...

https://lists.apache.org/thread.html/r5b3693da7ecb8a75c0e930b4ca26a5f97aa0207d9d...

https://lists.apache.org/thread.html/r6ac9e263129328c0db9940d72b4a6062e703c58918...

https://lists.apache.org/thread.html/r763840320a80e515331cbc1e613fa93f25faf62e99...

https://lists.apache.org/thread.html/r780c3c210a05c5bf7b4671303f46afc3fe56758e92...

https://lists.apache.org/thread.html/r7dd079fa0ac6f47ba1ad0af98d7d0276547b8a4e00...

https://lists.apache.org/thread.html/r8e6c116628c1277c3cf132012a66c46a0863fa2a30...

https://lists.apache.org/thread.html/r90e7b4c42a96d74c219e448bee6a329ab0cd3205c4...

https://lists.apache.org/thread.html/r9974f64723875052e02787b2a5eda689ac5247c71b...

https://lists.apache.org/thread.html/rbc075a4ac85e7a8e47420b7383f16ffa0af3b792b8...

https://lists.apache.org/thread.html/rcea249eb7a0d243f21696e4985de33f3780399bf7b...

https://lists.apache.org/thread.html/rd0471252aeb3384c3cfa6d131374646d4641b80dd3...

and 30 more references

/ 100

high-risk

Severity 21/34 · High

Exploitability 20/34 · Moderate

Exposure 20/34 · Moderate