Lucene search
HistoryFeb 19, 2010 - 5:30 p.m.
CVE-2009-4644
CVSS2
9
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.003
Percentile
70.6%
Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program.
Affected configurations
Node
accellionsecure_file_transfer_applianceMatch7_0_135
ORaccellionsecure_file_transfer_applianceMatch7_0_178
ORaccellionsecure_file_transfer_applianceMatch7_0_189
ORaccellionsecure_file_transfer_applianceMatch7_0_259
ORaccellionsecure_file_transfer_applianceMatch7_0_296
| Vendor | Product | Version | CPE |
|---|---|---|---|
| accellion | secure_file_transfer_appliance | 7_0_135 | cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_135:*:*:*:*:*:*:* |
| accellion | secure_file_transfer_appliance | 7_0_178 | cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_178:*:*:*:*:*:*:* |
| accellion | secure_file_transfer_appliance | 7_0_189 | cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_189:*:*:*:*:*:*:* |
| accellion | secure_file_transfer_appliance | 7_0_259 | cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_259:*:*:*:*:*:*:* |
| accellion | secure_file_transfer_appliance | 7_0_296 | cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_296:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2009-4644
2010-02-19 17:00:00
cve
cve
CVE-2009-4644
2010-02-19 17:30:00
prion
prion
Design/Logic Flaw
2010-02-19 17:30:00
CVSS2
9
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.003
Percentile
70.6%
Related for NVD:CVE-2009-4644