Описание
The directory specifier can include designators that can be used to traverse the directory path. Exploiting this vulnerability may enable an attacker to access a limited number of hardcoded file types. Further exploitation of this vulnerability may allow an attacker to cause the web server component to enter a denial-of-service condition.
Уязвимые конфигурации
Конфигурация 1Версия до 7.3.4 (включая)
Одно из
cpe:2.3:a:cogentdatahub:cogent_datahub:*:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.2.2:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.3.0:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.3.2:*:*:*:*:*:*:*
cpe:2.3:a:cogentdatahub:cogent_datahub:7.3.3:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00406
Низкий
7.8 High
CVSS2
6.4 Medium
CVSS2
Дефекты
CWE-22
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to read arbitrary files of unspecified types, or cause a web-server denial of service, via a crafted pathname.
EPSS
Процентиль: 61%
0.00406
Низкий
7.8 High
CVSS2
6.4 Medium
CVSS2
Дефекты
CWE-22
CWE-22