Lucene search
MitreCVE-2024-34995HistoryMay 24, 2024 - 4:15 p.m.
CVE-2024-34995
2024-05-2416:15:10
CWE-57
mitre
web.nvd.nist.gov
45
cve-2024-34995
webui v1.8.3
arbitrary file deletion
CVSS3
4.3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
7.2
Confidence
High
svnWebUI v1.8.3 was discovered to contain an arbitrary file deletion vulnerability via the dirTemps parameter under com.cym.controller.UserController#importOver. This vulnerability allows attackers to delete arbitrary files via a crafted POST request.
References
Related
vulnrichment
vulnrichment
CVE-2024-34995
1976-01-01 00:00:00
nvd
nvd
CVE-2024-34995
2024-05-24 16:15:10
cvelist
cvelist
CVE-2024-34995
1976-01-01 00:00:00
CVSS3
4.3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
7.2
Confidence
High
Related for CVE-2024-34995