Lucene search

K
nvd[email protected]NVD:CVE-2007-6317
HistoryDec 12, 2007 - 12:46 a.m.

CVE-2007-6317

2007-12-1200:46:00
CWE-22
web.nvd.nist.gov

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.002

Percentile

65.5%

Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain …\ (dot dot backslash) sequences in the URL path, or (2) remote authenticated users to delete arbitrary files or create arbitrary directories via a …\ (dot dot backslash) sequence in the dir parameter to /drive/c/bdusers/USER/.

Affected configurations

Nvd
Node
real_time_logicbarracudadrive_web_serverMatch3.7.2
OR
real_time_logicbarracudadrive_web_server_home_serverMatch3.7.2
VendorProductVersionCPE
real_time_logicbarracudadrive_web_server3.7.2cpe:2.3:a:real_time_logic:barracudadrive_web_server:3.7.2:*:*:*:*:*:*:*
real_time_logicbarracudadrive_web_server_home_server3.7.2cpe:2.3:a:real_time_logic:barracudadrive_web_server_home_server:3.7.2:*:*:*:*:*:*:*

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.002

Percentile

65.5%

Related for NVD:CVE-2007-6317