CVE-2016-0855

Опубликовано: 15 янв. 2016

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors.

Ссылки

http://www.zerodayinitiative.com/advisories/ZDI-16-122
http://www.zerodayinitiative.com/advisories/ZDI-16-123
http://www.zerodayinitiative.com/advisories/ZDI-16-124
http://www.zerodayinitiative.com/advisories/ZDI-16-125
http://www.zerodayinitiative.com/advisories/ZDI-16-126
https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01
Third Party Advisory
US Government Resource
http://www.zerodayinitiative.com/advisories/ZDI-16-122
http://www.zerodayinitiative.com/advisories/ZDI-16-123
http://www.zerodayinitiative.com/advisories/ZDI-16-124
http://www.zerodayinitiative.com/advisories/ZDI-16-125
http://www.zerodayinitiative.com/advisories/ZDI-16-126
https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*

Версия до 8.0 (включая)

EPSS

Процентиль: 87%

0.03548

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-fq7g-2cr5-xrq6