Lucene search

K
cve[email protected]CVE-2008-5116
HistoryNov 18, 2008 - 12:30 a.m.

CVE-2008-5116

2008-11-1800:30:00
CWE-22
web.nvd.nist.gov
29
cve-2008-5116
directory traversal
vulnerability
sun java system identity manager
remote attack

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ext parameter.

Affected configurations

NVD
Node
sunjava_system_identity_managerMatch6.0
OR
sunjava_system_identity_managerMatch6.0sp1
OR
sunjava_system_identity_managerMatch6.0sp2
OR
sunjava_system_identity_managerMatch6.0sp3
OR
sunjava_system_identity_managerMatch6.0sp4
OR
sunjava_system_identity_managerMatch7.0
OR
sunjava_system_identity_managerMatch7.1

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

Related for CVE-2008-5116