Lucene search

[email protected]CVE-2014-2232

HistoryDec 01, 2014 - 3:59 p.m.

CVE-2014-2232

2014-12-0115:59:00

CWE-21

[email protected]

web.nvd.nist.gov

cve-2014-2232

absolute path traversal

mapapi

infoware mapsuite

nvd

security vulnerability

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

70.0%

JSON

Absolute path traversal vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to read arbitrary files via unspecified vectors.

CPENameOperatorVersion
infoware:mapsuiteinfoware mapsuitelt1.0.36
infoware:mapsuiteinfoware mapsuitelt1.1.49

CPE	Name	Operator	Version
infoware:mapsuite	infoware mapsuite	lt	1.0.36
infoware:mapsuite	infoware mapsuite	lt	1.1.49

References

iw.mapandroute.de/MapAPI-1.0/releaseHistory.jsp

iw.mapandroute.de/MapAPI-1.1/releaseHistory.jsp

www.christian-schneider.net/advisories/CVE-2014-2232.txt

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

70.0%

JSON

Related for CVE-2014-2232

prion1 cvelist1 securityvulns3