Lucene search

K
cvelistDebianCVELIST:CVE-2017-0360
HistoryApr 04, 2017 - 5:00 p.m.

CVE-2017-0360

2017-04-0417:00:00
debian
www.cve.org
2

AI Score

4.8

Confidence

High

EPSS

0.002

Percentile

54.2%

file_open in Tryton 3.x and 4.x through 4.2.2 allows remote authenticated users with certain permissions to read arbitrary files via a β€œsame root name but with a suffix” attack. NOTE: This vulnerability exists because of an incomplete fix for CVE-2016-1242.

CNA Affected

[
  {
    "product": "tryton-server before 3.4.0-3+deb8u3",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "tryton-server before 3.4.0-3+deb8u3"
      }
    ]
  }
]

AI Score

4.8

Confidence

High

EPSS

0.002

Percentile

54.2%