Описание
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.
Ссылки
- Vendor Advisory
- ExploitPatch
- Exploit
- Vendor Advisory
- ExploitPatch
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:safenet:sentinel_keys_server:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:safenet:sentinel_protection_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:safenet:sentinel_protection_server:7.1:*:*:*:*:*:*:*
cpe:2.3:a:safenet:sentinel_protection_server:7.2:*:*:*:*:*:*:*
cpe:2.3:a:safenet:sentinel_protection_server:7.3:*:*:*:*:*:*:*
cpe:2.3:a:safenet:sentinel_protection_server:7.4:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.32029
Средний
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.
EPSS
Процентиль: 97%
0.32029
Средний
5 Medium
CVSS2
Дефекты
CWE-22