Lucene search
Japan Vulnerability NotesJVN:68289108HistoryOct 29, 2015 - 12:00 a.m.
JVN#68289108: Enisys Gw fails to restrict access permissions
2015-10-2900:00:00
Japan Vulnerability Notes
jvn.jp
13
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.002
Percentile
61.8%
Enisys Gw provided by Techno Project Japan Co. is an open source groupware. Enisys Gw fails to restrict access permissions.
Impact
A remote unauthenticated attacker may be access to an arbitrary file uploaded on the product.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- Enisys Gw 1.4.0 and earlier
Related
nvd
nvd
CVE-2015-5671
2015-10-29 11:59:12
cve
cve
CVE-2015-5671
2015-10-29 11:59:12
prion
prion
Design/Logic Flaw
2015-10-29 11:59:00
cvelist
cvelist
CVE-2015-5671
2015-10-29 10:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.002
Percentile
61.8%
Related for JVN:68289108