Lucene search

[email protected]CVE-2004-1217

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1217

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1217

hosting controller

directory traversal

remote attack

nvd

7.3 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.022 Low

EPSS

Percentile

89.5%

JSON

Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp.

Affected configurations

NVD

Node

hosting_controllerhosting_controllerMatch6.1

hosting_controllerhosting_controllerMatch6.1_hotfix_1.4

CPENameOperatorVersion
hosting_controller:hosting_controllerhosting controllereq6.1
hosting_controller:hosting_controllerhosting controllereq6.1_hotfix_1.4

CPE	Name	Operator	Version
hosting_controller:hosting_controller	hosting controller	eq	6.1
hosting_controller:hosting_controller	hosting controller	eq	6.1_hotfix_1.4

References

marc.info/?l=bugtraq&m=110237762807764&w=2

www.securityfocus.com/bid/11822

exchange.xforce.ibmcloud.com/vulnerabilities/18363

7.3 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.022 Low

EPSS

Percentile

89.5%

JSON

Related for CVE-2004-1217

nvd1 cvelist1