Описание
Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../" (dot dot forward-slash backslash) sequences in a crafted request.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:sybase:appeon_for_powerbuilder:2.5:*:*:*:*:*:*:*
cpe:2.3:a:sybase:appeon_for_powerbuilder:2.6:*:*:*:*:*:*:*
cpe:2.3:a:sybase:appeon_for_powerbuilder:2.7:*:*:*:*:*:*:*
cpe:2.3:a:sybase:appeon_for_powerbuilder:2.8:*:*:*:*:*:*:*
cpe:2.3:a:sybase:appeon_for_powerbuilder:6.0:*:*:*:*:*:*:*
cpe:2.3:a:sybase:appeon_for_powerbuilder:6.1:*:*:*:*:*:*:*
cpe:2.3:a:sybase:appeon_for_powerbuilder:6.2:*:*:*:*:*:*:*
cpe:2.3:a:sybase:appeon_for_powerbuilder:6.5:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:5.0:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:5.1:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:5.2:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:5.3:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:5.5:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:6.0:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:6.1:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:6.2:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:6.3:*:*:*:*:*:*:*
cpe:2.3:a:sybase:easerver:6.3.1:*:*:*:*:*:*:*
cpe:2.3:a:sybase:replication_server:*:*:messaging:*:*:*:*:*
cpe:2.3:a:sybase:replication_server:15.2:*:messaging:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:*:*:*:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:1.0:*:*:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:1.5:*:*:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:1.6:*:*:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:1.7:*:*:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:2.0:*:*:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:2.1:*:*:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:sybase:sybase_workspace:2.5:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00805
Низкий
7.8 High
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../\" (dot dot forward-slash backslash) sequences in a crafted request.
EPSS
Процентиль: 74%
0.00805
Низкий
7.8 High
CVSS2
Дефекты
CWE-22