Описание
The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal.
The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-11431
- https://www.inetsoftware.de/documentation/clear-reports/release-notes/releases/changes_19.2
- https://www.inetsoftware.de/support/news/i-net-clear-reports-security-advisory-2020-apr-06
- https://www.inetsoftware.de/support/news/i-net-helpdesk-sicherheitsankuendigung-2020-apr-06
- https://www.inetsoftware.de/support/news/i-net-pdfc-security-advisory-2020-apr-06
EPSS
Процентиль: 82%
0.01743
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.1
nvd
почти 6 лет назад
The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal.
EPSS
Процентиль: 82%
0.01743
Низкий