Lucene search

[email protected]CVE-2008-7093

HistoryAug 26, 2009 - 2:24 p.m.

CVE-2008-7093

2009-08-2614:24:17

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-7093

directory traversal

unica affinium campaign

remote attack

7.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.028 Low

EPSS

Percentile

90.8%

JSON

Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a … (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to Campaign/CampaignListener.

Affected configurations

NVD

Node

unicaaffinium_campaignMatch7.2.1.0.55

CPENameOperatorVersion
unica:affinium_campaignunica affinium campaigneq7.2.1.0.55

CPE	Name	Operator	Version
unica:affinium_campaign	unica affinium campaign	eq	7.2.1.0.55

References

secunia.com/advisories/31280

www.osvdb.org/47519

www.osvdb.org/47529

www.portcullis.co.uk/287.php

www.portcullis.co.uk/291.php

www.securityfocus.com/bid/30433

exchange.xforce.ibmcloud.com/vulnerabilities/44071

exchange.xforce.ibmcloud.com/vulnerabilities/44075

7.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.028 Low

EPSS

Percentile

90.8%

JSON

Related for CVE-2008-7093

prion1 nvd1 cvelist1