Lucene search
RedhatCVE-2013-2068HistorySep 28, 2013 - 7:55 p.m.
CVE-2013-2068
2013-09-2819:55:02
CWE-22
redhat
web.nvd.nist.gov
30
cve
red hat
cloudforms
management engine
directory traversal
security vulnerability
nvd
CVSS2
9.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:C/A:C
AI Score
7.1
Confidence
Low
EPSS
0.597
Percentile
97.8%
Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a … (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.
Affected configurations
Node
redhatcloudforms_management_engineMatch5.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | cloudforms_management_engine | 5.1 | cpe:2.3:a:redhat:cloudforms_management_engine:5.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2013-2068
2013-09-28 19:00:00
metasploit
metasploit
Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal
2013-12-09 18:18:12
exploitdb
exploitdb
packetstorm
packetstorm
Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal
2013-12-23 00:00:00
checkpoint_advisories
checkpoint_advisories
Red Hat CloudForms AgentController Directory Traversal (CVE-2013-2068)
2014-05-14 00:00:00
redhat
redhat
zdt
zdt
Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal
2013-12-24 00:00:00
prion
prion
Directory traversal
2013-09-28 19:55:00
nvd
nvd
CVE-2013-2068
2013-09-28 19:55:02
CVSS2
9.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:C/A:C
AI Score
7.1
Confidence
Low
EPSS
0.597
Percentile
97.8%
Related for CVE-2013-2068