Lucene search

[email protected]CVE-2015-4546

HistoryOct 02, 2015 - 2:59 a.m.

CVE-2015-4546

2015-10-0202:59:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2015-4546

directory traversal

emc rsa onestep 6.9

remote attackers

arbitrary files

vulnerability

6.8 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.002 Low

EPSS

Percentile

52.4%

JSON

Directory traversal vulnerability in EMC RSA OneStep 6.9 before build 559, as used in RSA Certificate Manager and RSA Registration Manager through 6.9 build 558 and other products, allows remote attackers to read arbitrary files via a crafted KCSOSC_ERROR_PAGE parameter.

CPENameOperatorVersion
emc:rsa_certificate_manageremc rsa certificate managerle6.9
emc:rsa_onestepemc rsa onesteple6.9

CPE	Name	Operator	Version
emc:rsa_certificate_manager	emc rsa certificate manager	le	6.9
emc:rsa_onestep	emc rsa onestep	le	6.9

References

packetstormsecurity.com/files/133784/RSA-OneStep-6.9-Path-Traversal.html

seclists.org/bugtraq/2015/Sep/135

www.securitytracker.com/id/1033671

6.8 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.002 Low

EPSS

Percentile

52.4%

JSON

Related for CVE-2015-4546

securityvulns2 prion1 cvelist1