CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11450

Microstrategy Web 10.4 exposes the JVM configuration, CPU architecture, installation folder, and other information through the URL /MicroStrategyWS/happyaxis.jsp. An attacker could use this vulnerability to learn more about the environment the application is running in. This issue has been mitigated in all versions of the product 11.0 and higher.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.875

EPSS Ranking 99.4%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2020-11450

Microstrategy » Microstrategy Web » Version: N/A

cpe:2.3:a:microstrategy:microstrategy_web:-
Microstrategy » Microstrategy Web » Version: 10.1

cpe:2.3:a:microstrategy:microstrategy_web:10.1
Microstrategy » Microstrategy Web » Version: 10.4

cpe:2.3:a:microstrategy:microstrategy_web:10.4
Microstrategy » Microstrategy Web » Version: 10.4.6

cpe:2.3:a:microstrategy:microstrategy_web:10.4.6
Microstrategy » Microstrategy Web » Version: 7

cpe:2.3:a:microstrategy:microstrategy_web:7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11450

Products

Pricing

Contact Us