Lucene search

[email protected]CVE-2001-1108

HistoryJun 25, 2002 - 4:00 a.m.

CVE-2001-1108

2002-06-2504:00:00

[email protected]

web.nvd.nist.gov

cve-2001-1108

snapstream pvs 1.2a

directory traversal

security flaw

remote attacker

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.038 Low

EPSS

Percentile

92.0%

JSON

Directory traversal vulnerability in SnapStream PVS 1.2a allows remote attackers to read arbitrary files via a … (dot dot) attack in the requested URL.

Affected configurations

NVD

Node

snapstreampvsMatch1.2a

CPENameOperatorVersion
snapstream:pvssnapstream pvseq1.2a

CPE	Name	Operator	Version
snapstream:pvs	snapstream pvs	eq	1.2a

References

archives.neohapsis.com/archives/bugtraq/2001-07/0606.html

discuss.snapstream.com/ubb/Forum1/HTML/000216.html

www.osvdb.org/2080

www.securityfocus.com/bid/3100

exchange.xforce.ibmcloud.com/vulnerabilities/6917

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.038 Low

EPSS

Percentile

92.0%

JSON

Related for CVE-2001-1108

nvd1 openvas2 cvelist1