Lucene search

K
cve[email protected]CVE-2011-3357
HistorySep 21, 2011 - 4:55 p.m.

CVE-2011-3357

2011-09-2116:55:00
CWE-22
web.nvd.nist.gov
39
cve
2011
3357
directory traversal
bug_actiongroup_ext_page.php
mantisbt
vulnerability
security

6.7 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.2%

Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the action parameter, related to bug_actiongroup_page.php.

References

6.7 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.2%

Related for CVE-2011-3357