CVE-2007-6483

2007-12-2020:46:00

CWE-22

[email protected]

web.nvd.nist.gov

162

safenet

sentinel protection server

vulnerability

directory traversal

cve-2007-6483

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.027 Low

EPSS

Percentile

90.6%

JSON

Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a … (dot dot) in the query string.

Affected configurations

NVD

Node

safenetsentinel_keys_serverMatch1.0.3

safenetsentinel_protection_serverMatch7.0

safenetsentinel_protection_serverMatch7.1

safenetsentinel_protection_serverMatch7.2

safenetsentinel_protection_serverMatch7.3

safenetsentinel_protection_serverMatch7.4

CPENameOperatorVersion
safenet:sentinel_keys_serversafenet sentinel keys servereq1.0.3
safenet:sentinel_protection_serversafenet sentinel protection servereq7.0
safenet:sentinel_protection_serversafenet sentinel protection servereq7.1
safenet:sentinel_protection_serversafenet sentinel protection servereq7.2
safenet:sentinel_protection_serversafenet sentinel protection servereq7.3
safenet:sentinel_protection_serversafenet sentinel protection servereq7.4

CPE	Name	Operator	Version
safenet:sentinel_keys_server	safenet sentinel keys server	eq	1.0.3
safenet:sentinel_protection_server	safenet sentinel protection server	eq	7.0
safenet:sentinel_protection_server	safenet sentinel protection server	eq	7.1
safenet:sentinel_protection_server	safenet sentinel protection server	eq	7.2
safenet:sentinel_protection_server	safenet sentinel protection server	eq	7.3
safenet:sentinel_protection_server	safenet sentinel protection server	eq	7.4