What is CVE-2005-3498?

CVE-2005-3498 is a vulnerability in N/a. Published 2005-11-04.

Is CVE-2005-3498 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2005-3498

IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack V6.0.2.5, when session trace is enabled, records a full URL including the queryString in the trace logs when an application encodes a URL…

EPSS: 0.520 (98.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cve-scores

References

www-1.ibm.com/support/docview.wss (x_refsource_CONFIRM)
15303 (vdb-entry, x_refsource_BID)
1015134 (vdb-entry, x_refsource_SECTRACK)
PK11017 (vendor-advisory, x_refsource_AIXAPAR)
ADV-2005-2291 (vdb-entry, x_refsource_VUPEN)

Frequently asked questions

What is CVE-2005-3498?: CVE-2005-3498 is a vulnerability in N/a. Published 2005-11-04.
Is CVE-2005-3498 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.