exploitDog

CVE-2020-25248

Опубликовано: 11 сент. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in Hyland OnBase through 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Directory traversal exists for reading files, as demonstrated by the FileName parameter.

Ссылки

http://seclists.org/fulldisclosure/2020/Oct/9
Mailing List
Third Party Advisory
https://seclists.org/fulldisclosure/2020/Oct/9
Mailing List
Third Party Advisory
https://seclists.org/fulldisclosure/2020/Sep/21
Mailing List
Third Party Advisory
http://seclists.org/fulldisclosure/2020/Oct/9
Mailing List
Third Party Advisory
https://seclists.org/fulldisclosure/2020/Oct/9
Mailing List
Third Party Advisory
https://seclists.org/fulldisclosure/2020/Sep/21
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hyland:onbase:*:*:*:*:*:*:*:*

Версия до 16.0.2.83 (включая)

cpe:2.3:a:hyland:onbase:*:*:*:*:*:*:*:*

Версия от 17.0.0.0 (включая) до 17.0.2.109 (включая)

cpe:2.3:a:hyland:onbase:*:*:*:*:*:*:*:*

Версия от 18.0.0.0 (включая) до 18.0.0.37 (включая)

cpe:2.3:a:hyland:onbase:*:*:*:*:*:*:*:*

Версия от 19.0.0.0 (включая) до 19.8.16.1000 (включая)

cpe:2.3:a:hyland:onbase:*:*:*:*:*:*:*:*

Версия от 20.0.0.0 (включая) до 20.3.10.1000 (включая)

EPSS

Процентиль: 59%

0.00374

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-hfvg-gvff-q9g5

CVSS3: 7.5

github

больше 3 лет назад

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. Directory traversal exists for reading files, as demonstrated by the FileName parameter.

EPSS

Процентиль: 59%

0.00374

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22