Lucene search

[email protected]CVE-2018-8727

HistoryJun 19, 2018 - 7:29 p.m.

CVE-2018-8727

2018-06-1919:29:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2018-8727

path traversal

mirasys dvms

security vulnerability

web client webserver

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

JSON

Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 and earlier allows an attacker to traverse the file system to access files or directories via the Web Client webserver.

Affected configurations

NVD

Node

mirasysdvms_workstationRange≤5.12.6

CPENameOperatorVersion
mirasys:dvms_workstationmirasys dvms workstationle5.12.6

CPE	Name	Operator	Version
mirasys:dvms_workstation	mirasys dvms workstation	le	5.12.6

References

www.onvio.nl/nieuws/cve-mirasys-vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

JSON

Related for CVE-2018-8727

packetstorm1 prion1 nuclei1 nvd1 exploitpack1 cvelist1 exploitdb1 openvas1