Lucene search
MitreCVE-2015-8357HistoryDec 16, 2015 - 9:59 p.m.
CVE-2015-8357
2015-12-1621:59:01
CWE-22
mitre
web.nvd.nist.gov
27
cve-2015-8357
bitrix
directory traversal
remote code execution
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.024
Percentile
90.0%
Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a … (dot dot) in the file parameter to admin/bitrix.xscan_worker.php.
Affected configurations
Node
bitrixxscanRange≤1.0.3bitrix
Related
cvelist
cvelist
CVE-2015-8357
2015-12-16 21:00:00
exploitpack
exploitpack
Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal
2015-12-14 00:00:00
nvd
nvd
CVE-2015-8357
2015-12-16 21:59:01
nessus
nessus
htbridge
htbridge
Path Traversal via CSRF in bitrix.xscan Bitrix Module
2015-11-18 00:00:00
zdt
zdt
bitrix.scan Bitrix 1.0.3 Path Traversal Vulnerability
2015-12-11 00:00:00
exploitdb
exploitdb
Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal
2015-12-14 00:00:00
prion
prion
Directory traversal
2015-12-16 21:59:00
packetstorm
packetstorm
bitrix.scan Bitrix 1.0.3 Path Traversal
2015-12-11 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.024
Percentile
90.0%
Related for CVE-2015-8357