exploitDog

CVE-2019-12145

Опубликовано: 11 июн. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system.

Ссылки

https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm
Release Notes
Vendor Advisory
https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ipswitch:ws_ftp_server:*:*:*:*:*:*:*:*

Версия до 8.6.1 (исключая)

EPSS

Процентиль: 1%

0.00012

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-q7xf-c4p2-99c4

CVSS3: 7.5

github

больше 3 лет назад

A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system.

EPSS

Процентиль: 1%

0.00012

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22