Lucene search

[email protected]CVE-2018-12525

HistoryJun 18, 2018 - 11:29 a.m.

CVE-2018-12525

2018-06-1811:29:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2018-12525

perfsonar

maddash

directory listing

security issue

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.9%

JSON

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /images/ provides a directory listing.

Affected configurations

NVD

Node

perfsonarmonitoring_and_debugging_dashboardMatch2.0.2

CPENameOperatorVersion
perfsonar:monitoring_and_debugging_dashboardperfsonar monitoring and debugging dashboardeq2.0.2

CPE	Name	Operator	Version
perfsonar:monitoring_and_debugging_dashboard	perfsonar monitoring and debugging dashboard	eq	2.0.2

References

pastebin.com/eA5tGKf0

www.exploit-db.com/exploits/44910/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.9%

JSON

Related for CVE-2018-12525

cvelist1 nvd1 prion1 osv1 packetstorm1 exploitpack1 zdt1 exploitdb1