CVE-2004-2214

Published: Dec 31, 2004Modified: Apr 16, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters.

Affected (1)

Products: Mbedthis: Appweb Http Server

1 product

Appweb Http Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mbedthis Appweb Http Server	Before 1.1.3

Related CWEs

Improper Handling of Case Sensitivity

The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.

References (10)

http://secunia.com/advisories/12011

Source: cve@mitre.org

Broken LinkPatchVendor Advisory

http://www.mbedthis.com/products/appWeb/doc/product/newFeatures.html

Source: cve@mitre.org

Broken Link

http://www.osvdb.org/7391

Source: cve@mitre.org

Broken LinkPatch

http://www.securityfocus.com/bid/10673

Source: cve@mitre.org

Broken LinkPatchThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/16638

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://secunia.com/advisories/12011

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkPatchVendor Advisory

http://www.mbedthis.com/products/appWeb/doc/product/newFeatures.html

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.osvdb.org/7391

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkPatch

http://www.securityfocus.com/bid/10673

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkPatchThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/16638

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.