Lucene search

MitreCVE-2018-12631

HistoryJun 21, 2018 - 10:29 p.m.

CVE-2018-12631

2018-06-2122:29:00

CWE-22

mitre

web.nvd.nist.gov

cve

2018

12631

redatam7

remote file read

vulnerability

directory traversal

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.5

Confidence

High

EPSS

0.014

Percentile

86.6%

JSON

Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=…/ directory traversal.

Affected configurations

Nvd

Node

redatamredatamRange<7

VendorProductVersionCPE
redatamredatam*cpe:2.3:a:redatam:redatam:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redatam	redatam	*	cpe:2.3:a:redatam:redatam::::::::

References

www.exploit-db.com/exploits/44905/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.5

Confidence

High

EPSS

0.014

Percentile

86.6%

JSON

Related for CVE-2018-12631