CVE-2009-4267
CVE-2009-4267
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
19 Feb 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.
Affected products
Apache Software Foundation · jUDDI