Lucene search

[email protected]CVE-2009-0929

HistoryMar 17, 2009 - 9:30 p.m.

CVE-2009-0929

2009-03-1721:30:00

CWE-22

[email protected]

web.nvd.nist.gov

nucleus cms

vulnerability

directory traversal

remote attack

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON

Directory traversal vulnerability in the media manager in Nucleus CMS before 3.40 allows remote attackers to read arbitrary files via unknown vectors.

Affected configurations

NVD

Node

nucleus_groupnucleus_cms

nucleus_groupnucleus_cmsRange≤3.40

nucleus_groupnucleus_cmsMatch3.0

nucleus_groupnucleus_cmsMatch3.0_1

nucleus_groupnucleus_cmsMatch3.0_rc

nucleus_groupnucleus_cmsMatch3.1

nucleus_groupnucleus_cmsMatch3.01

nucleus_groupnucleus_cmsMatch3.2

nucleus_groupnucleus_cmsMatch3.21

nucleus_groupnucleus_cmsMatch3.22

nucleus_groupnucleus_cmsMatch3.23

CPENameOperatorVersion
nucleus_group:nucleus_cmsnucleus group nucleus cmseq*
nucleus_group:nucleus_cmsnucleus group nucleus cmsle3.40
nucleus_group:nucleus_cmsnucleus group nucleus cmseq3.0
nucleus_group:nucleus_cmsnucleus group nucleus cmseq3.0_1
nucleus_group:nucleus_cmsnucleus group nucleus cmseq3.0_rc
nucleus_group:nucleus_cmsnucleus group nucleus cmseq3.1
nucleus_group:nucleus_cmsnucleus group nucleus cmseq3.01
nucleus_group:nucleus_cmsnucleus group nucleus cmseq3.2
nucleus_group:nucleus_cmsnucleus group nucleus cmseq3.21
nucleus_group:nucleus_cmsnucleus group nucleus cmseq3.22

CPE	Name	Operator	Version
nucleus_group:nucleus_cms	nucleus group nucleus cms	eq	*
nucleus_group:nucleus_cms	nucleus group nucleus cms	le	3.40
nucleus_group:nucleus_cms	nucleus group nucleus cms	eq	3.0
nucleus_group:nucleus_cms	nucleus group nucleus cms	eq	3.0_1
nucleus_group:nucleus_cms	nucleus group nucleus cms	eq	3.0_rc
nucleus_group:nucleus_cms	nucleus group nucleus cms	eq	3.1
nucleus_group:nucleus_cms	nucleus group nucleus cms	eq	3.01
nucleus_group:nucleus_cms	nucleus group nucleus cms	eq	3.2
nucleus_group:nucleus_cms	nucleus group nucleus cms	eq	3.21
nucleus_group:nucleus_cms	nucleus group nucleus cms	eq	3.22

Rows per page:

1-10 of 111

References

secunia.com/advisories/34180

www.nucleuscms.org/index.php/item/index.php/item/3051

www.securityfocus.com/bid/34040

www.vupen.com/english/advisories/2009/0637

exchange.xforce.ibmcloud.com/vulnerabilities/49142

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON

Related for CVE-2009-0929

cvelist1 prion1 nvd1