Lucene search

[email protected]CVE-2004-2684

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2004-2684

2022-10-0316:14:13

[email protected]

web.nvd.nist.gov

vulnerability

intersystems cache

cve-2004-2684

server access

file access

nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.7%

JSON

Unspecified vulnerability in the %template package in InterSystems Cache’ 5.0 allows attackers to access certain files on a server, including (1) cache.key and (2) cache.dat, related to .csp files under (a) Dev\studio\templates and (b) Devuser\studio\templates.

Affected configurations

NVD

Node

intersystemscache_databaseMatch5

CPENameOperatorVersion
intersystems:cache_databaseintersystems cache databaseeq5

CPE	Name	Operator	Version
intersystems:cache_database	intersystems cache database	eq	5

References

groups.google.com/group/intersystems-public-cache/browse_thread/thread/7af3237a57e97f14/da52318590c68c75

groups.google.com/group/intersystems-public-cache/browse_thread/thread/cda052864061faf7/b1c4ad61ca27c514

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2004-2684

nvd1 cvelist1