Lucene search

[email protected]CVE-2004-2493

HistoryOct 25, 2005 - 4:00 a.m.

CVE-2004-2493

2005-10-2504:00:00

[email protected]

web.nvd.nist.gov

cve-2004-2493

directory traversal

gmaxwww

desktop

jichitai

template name parameter

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.9%

JSON

Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.

Affected configurations

NVD

Node

hitachigroupmax_world_wide_webMatch2

hitachigroupmax_world_wide_webMatch02_00

hitachigroupmax_world_wide_webMatch02_20

hitachigroupmax_world_wide_webMatch02_20_a

hitachigroupmax_world_wide_webMatch02_31_i

hitachigroupmax_world_wide_webMatch3

hitachigroupmax_world_wide_webMatch03_00

hitachigroupmax_world_wide_webMatch03_10_h

hitachigroupmax_world_wide_webMatch03_11_b

hitachigroupmax_world_wide_web_desktopMatch5

hitachigroupmax_world_wide_web_desktopMatch05_00

hitachigroupmax_world_wide_web_desktopMatch05_11_f

hitachigroupmax_world_wide_web_desktopMatch05_11_i

hitachigroupmax_world_wide_web_desktopMatch05_11_j

hitachigroupmax_world_wide_web_desktopMatch6

hitachigroupmax_world_wide_web_desktopMatch06_00

hitachigroupmax_world_wide_web_desktopMatch06_50_b

hitachigroupmax_world_wide_web_desktopMatch06_50_c

hitachigroupmax_world_wide_web_desktopMatch06_51

hitachigroupmax_world_wide_web_desktopMatch06_51jichitai

hitachigroupmax_world_wide_web_desktopMatch06_51_b

hitachigroupmax_world_wide_web_desktopMatch06_51_c

hitachigroupmax_world_wide_web_desktopMatch06_52

hitachigroupmax_world_wide_web_desktopMatch06_52jichitai

hitachigroupmax_world_wide_web_desktopMatch06_52_b

hitachigroupmax_world_wide_web_desktopMatchgoldjichitai

CPENameOperatorVersion
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq2
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq02_00
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq02_20
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq02_20_a
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq02_31_i
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq3
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq03_00
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq03_10_h
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq03_11_b
hitachi:groupmax_world_wide_web_desktophitachi groupmax world wide web desktopeq5

CPE	Name	Operator	Version
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	2
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	02_00
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	02_20
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	02_20_a
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	02_31_i
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	3
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	03_00
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	03_10_h
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	03_11_b
hitachi:groupmax_world_wide_web_desktop	hitachi groupmax world wide web desktop	eq	5

Rows per page:

1-10 of 241

References

secunia.com/advisories/13321

www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html

www.osvdb.org/12153

www.securityfocus.com/bid/11773

exchange.xforce.ibmcloud.com/vulnerabilities/18278

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.9%

JSON

Related for CVE-2004-2493

nvd1 cvelist1