7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
0.003 Low
EPSS
Percentile
65.5%
The Avigilon Control Center (ACC) is a server software for security and surveillance systems. The ACC Server is vulnerable to a path traversal attack, allowing an attacker to access any file on the server.
CWE-22**: Improper Limitation of a Pathname to a Restricted Directory (βPath Traversalβ) -**CVE-2015-2860
The /help/ path of a URL to an ACC Server is improperly parsed, allowing an attacker to perform a path traversal to access any file on the underlying system.
An unauthenticated remote attacker may access any file on the underlying system running ACC Server.
Apply an update
Avigilon has released updates addressing this issue in affected products; users are encouraged to update as soon as possible. For ACC Server version 5, please update to 5.4.2.22 or later. For ACC Server version 4, please update to 4.12.0.54 or later.
555984
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: May 11, 2015 Updated: June 10, 2015
Statement Date: May 12, 2015
Affected
We have not received a statement from the vendor.
Avigilon has released updates addressing this issue in affected products; users are encouraged to update as soon as possible. For ACC Server version 5, please update to 5.4.2.22 or later. For ACC Server version 4, please update to 4.12.0.54 or later.
Group | Score | Vector |
---|---|---|
Base | 7.8 | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Temporal | 6.1 | E:POC/RL:OF/RC:C |
Environmental | 4.6 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
<http://avigilon.com/support-and-downloads/for-software/software-updates-and-downloads/>
Thanks to JΓΌrgen Bilberger for reporting this vulnerability, and to Avigilon for quickly addressing this issue.
This document was written by Garret Wassermann.
CVE IDs: | CVE-2015-2860 |
---|---|
Date Public: | 2015-06-08 Date First Published: |