CVE-2016-9349

Опубликовано: 13 фев. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Средний

Описание

An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure.

Ссылки

http://www.securityfocus.com/bid/94629
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04
Mitigation
Third Party Advisory
US Government Resource
https://www.exploit-db.com/exploits/42401/
https://www.exploit-db.com/exploits/42402/
http://www.securityfocus.com/bid/94629
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04
Mitigation
Third Party Advisory
US Government Resource
https://www.exploit-db.com/exploits/42401/
https://www.exploit-db.com/exploits/42402/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:advantech:susiaccess:*:*:*:*:*:*:*:*

Версия до 3.0 (включая)

EPSS

Процентиль: 96%

0.23687

Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-2qpx-8vpw-42x9