Описание
Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 0.6.0 (включая)Версия до 1.4.6 (включая)Версия до 1.5.7 (включая)
Одно из
cpe:2.3:a:hibara_software:attachecase_for_java:*:*:*:*:*:*:*:*
cpe:2.3:a:hibara_software:attachecase_lite:*:*:*:*:*:*:*:*
cpe:2.3:a:hibara_software:attachecase_pro:*:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06623
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4.6 and earlier, and AttacheCase Pro 1.5.7 and earlier allows remote attackers to read arbitrary files via specially crafted ATC file.
EPSS
Процентиль: 91%
0.06623
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-22