Lucene search

[email protected]CVE-2008-1410

HistoryMar 20, 2008 - 10:44 a.m.

CVE-2008-1410

2008-03-2010:44:00

CWE-22

[email protected]

web.nvd.nist.gov

acronis

snap deploy

vulnerability

directory traversal

cve-2008-1410

tftp service

security

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to read arbitrary files via directory traversal sequences to the TFTP service.

Affected configurations

NVD

Node

acronissnap_deployMatch2.0.0.1076

CPENameOperatorVersion
acronis:snap_deployacronis snap deployeq2.0.0.1076

CPE	Name	Operator	Version
acronis:snap_deploy	acronis snap deploy	eq	2.0.0.1076

References

aluigi.altervista.org/adv/acropxe-adv.txt

secunia.com/advisories/29305

securityreason.com/securityalert/3758

www.securityfocus.com/archive/1/489358/100/0/threaded

www.securityfocus.com/bid/28182

www.vupen.com/english/advisories/2008/0814/references

exchange.xforce.ibmcloud.com/vulnerabilities/41074

www.exploit-db.com/exploits/5228

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

Related for CVE-2008-1410

nvd1 prion1 cvelist1