| Max CVSS | 5.0 | Min CVSS | 4.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-9315 | 5.0 |
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support
|
21-07-2021 - 11:39 | 10-05-2020 - 23:15 | |
| CVE-2020-9314 | 4.9 |
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516. NOTE
|
21-07-2021 - 11:39 | 10-05-2020 - 23:15 |