Lucene search
HistoryAug 28, 2013 - 1:09 p.m.
CVE-2013-3598
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.4%
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a … (dot dot) in the name parameter.
Affected configurations
Node
searchbloxsearchbloxRange≤7.5
ORsearchbloxsearchbloxMatch6.2build_1
ORsearchbloxsearchbloxMatch6.3build_1
ORsearchbloxsearchbloxMatch6.4build_1
ORsearchbloxsearchbloxMatch6.4build_2
ORsearchbloxsearchbloxMatch7.0
ORsearchbloxsearchbloxMatch7.1
ORsearchbloxsearchbloxMatch7.2
ORsearchbloxsearchbloxMatch7.3
ORsearchbloxsearchbloxMatch7.4
Related
cve
cve
CVE-2013-3598
2013-08-28 13:09:15
prion
prion
Directory traversal
2013-08-28 13:09:00
cvelist
cvelist
CVE-2013-3598
2013-08-28 01:00:00
openvas
openvas
SearchBlox Multiple Vulnerabilities (Sep 2013)
2013-09-03 00:00:00
cert
cert
SearchBlox contains multiple vulnerabilities
2013-08-23 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.4%
Related for NVD:CVE-2013-3598