Lucene search

[email protected]CVE-2007-5815

HistoryNov 05, 2007 - 6:46 p.m.

CVE-2007-5815

2007-11-0518:46:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

2007

5815

absolute path traversal

vulnerability

webcachecleaner

activex

sonicwall

ssl-vpn

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

High

0.071 Low

EPSS

Percentile

94.0%

JSON

Absolute path traversal vulnerability in the WebCacheCleaner ActiveX control 1.3.0.3 in SonicWall SSL-VPN 200 before 2.1, and SSL-VPN 2000/4000 before 2.5, allows remote attackers to delete arbitrary files via a full pathname in the argument to the FileDelete method.

Affected configurations

NVD

Node

sonicwallssl_vpn_200Range≤2.1

sonicwallssl_vpn2000\/4000Range≤2.5

CPENameOperatorVersion
sonicwall:ssl_vpn_200sonicwall ssl vpn 200le2.1
sonicwall:ssl_vpn2000\/4000sonicwall ssl vpn2000/4000le2.5

CPE	Name	Operator	Version
sonicwall:ssl_vpn_200	sonicwall ssl vpn 200	le	2.1
sonicwall:ssl_vpn2000\/4000	sonicwall ssl vpn2000/4000	le	2.5

References

secunia.com/advisories/27469

securityreason.com/securityalert/3342

www.sec-consult.com/303.html

www.sec-consult.com/fileadmin/Advisories/20071101-0_sonicwall_multiple.txt

www.securityfocus.com/archive/1/483097/100/0/threaded

www.securityfocus.com/bid/26288

www.vupen.com/english/advisories/2007/3696

exchange.xforce.ibmcloud.com/vulnerabilities/38221

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

High

0.071 Low

EPSS

Percentile

94.0%

JSON

Related for CVE-2007-5815

prion1 cvelist1 nvd1