Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-3996
cve-2012-3996
tikiwiki
cms
groupware
remote attackers
installation path
security issue
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.8 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.6%
TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to obtain the installation path via a direct request to (1) admin/include_calendar.php, (2) tiki-rss_error.php, or (3) tiki-watershed_service.php.
Affected configurations
Node
tikitikiwiki_cms\/groupwareRange≤8.2
ORtikitikiwiki_cms\/groupwareMatch2.2
ORtikitikiwiki_cms\/groupwareMatch3.0
ORtikitikiwiki_cms\/groupwareMatch3.1
ORtikitikiwiki_cms\/groupwareMatch3.2
ORtikitikiwiki_cms\/groupwareMatch3.3
ORtikitikiwiki_cms\/groupwareMatch3.4
ORtikitikiwiki_cms\/groupwareMatch3.5
ORtikitikiwiki_cms\/groupwareMatch4
ORtikitikiwiki_cms\/groupwareMatch4.0
ORtikitikiwiki_cms\/groupwareMatch4.1
ORtikitikiwiki_cms\/groupwareMatch4.2
ORtikitikiwiki_cms\/groupwareMatch5.0
ORtikitikiwiki_cms\/groupwareMatch5.1
ORtikitikiwiki_cms\/groupwareMatch5.2
ORtikitikiwiki_cms\/groupwareMatch5.3
ORtikitikiwiki_cms\/groupwareMatch6.0
ORtikitikiwiki_cms\/groupwareMatch6.1
ORtikitikiwiki_cms\/groupwareMatch6.2
ORtikitikiwiki_cms\/groupwareMatch7.0
ORtikitikiwiki_cms\/groupwareMatch7.1
ORtikitikiwiki_cms\/groupwareMatch7.2
ORtikitikiwiki_cms\/groupwareMatch8.0
ORtikitikiwiki_cms\/groupwareMatch8.1
Related
nvd
nvd
CVE-2012-3996
2012-07-12 19:55:07
prion
prion
Path traversal
2012-07-12 19:55:00
cvelist
cvelist
CVE-2012-3996
2022-10-03 16:15:22
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.8 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.6%
Related for CVE-2012-3996