Lucene search

K
cve[email protected]CVE-2008-5116
HistoryNov 18, 2008 - 12:30 a.m.

CVE-2008-5116

2008-11-1800:30:00
CWE-22
web.nvd.nist.gov
29
cve-2008-5116
directory traversal
vulnerability
sun java system identity manager
remote attack

6.7 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.014 Low

EPSS

Percentile

86.5%

Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ext parameter.

Affected configurations

NVD
Node
sunjava_system_identity_managerMatch6.0
OR
sunjava_system_identity_managerMatch6.0sp1
OR
sunjava_system_identity_managerMatch6.0sp2
OR
sunjava_system_identity_managerMatch6.0sp3
OR
sunjava_system_identity_managerMatch6.0sp4
OR
sunjava_system_identity_managerMatch7.0
OR
sunjava_system_identity_managerMatch7.1

6.7 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.014 Low

EPSS

Percentile

86.5%

Related for CVE-2008-5116