Описание
A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:blackberry:workspaces_vapp:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.5.6:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.5.8:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.5.9:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:blackberry:workspaces_vapp:5.6.0:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.6.2:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.6.3:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.6.4:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.6.5:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:workspaces_vapp:5.6.6:*:*:*:*:*:*:*
Конфигурация 3Версия до 1.11.2 (включая)
cpe:2.3:a:blackberry:workspaces_appliance-x:*:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.0062
Низкий
9.8 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.
EPSS
Процентиль: 69%
0.0062
Низкий
9.8 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-22