Lucene search

[email protected]NVD:CVE-2008-6522

HistoryMar 25, 2009 - 6:30 p.m.

CVE-2008-6522

2009-03-2518:30:00

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.006

Percentile

77.7%

JSON

Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a … (dot dot) in the (1) CurrentDirectory and (2) File parameters to index.php.

Affected configurations

Nvd

Node

devraj_mukherjeeopenterracottaMatch0.6.1

VendorProductVersionCPE
devraj_mukherjeeopenterracotta0.6.1cpe:2.3:a:devraj_mukherjee:openterracotta:0.6.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
devraj_mukherjee	openterracotta	0.6.1	cpe:2.3:a:devraj_mukherjee:openterracotta:0.6.1:::::::*

References

www.securityfocus.com/archive/1/490341/100/0/threaded

www.securityfocus.com/bid/28550

exchange.xforce.ibmcloud.com/vulnerabilities/41572

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.006

Percentile

77.7%

JSON

Related for NVD:CVE-2008-6522

exploitdb1 prion1 cvelist1 cve1