Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2018-14335
HistoryJul 24, 2018 - 1:29 p.m.

CVE-2018-14335

2018-07-2413:29:00
CWE-59
[email protected]
web.nvd.nist.gov
2

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.2 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

JSON

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.

Affected configurations

NVD
Node
h2databaseh2Match1.4.197

Related

prion 1
ubuntucve 1
osv 1
exploitpack 1
redhatcve 1
zdt 1
packetstorm 1
veracode 1
cve 1
cvelist 1
broadcom 1
exploitdb 1
ibm 1
redhat 1
prion
prion
Design/Logic Flaw
2018-07-24 13:29:00
ubuntucve
ubuntucve
CVE-2018-14335
2018-07-24 00:00:00
osv
osv
CVE-2018-14335
2018-07-24 13:29:00
exploitpack
exploitpack
H2 Database 1.4.197 - Information Disclosure
2018-07-30 00:00:00
redhatcve
redhatcve
CVE-2018-14335
2018-08-01 14:49:45
zdt
zdt
H2 Database 1.4.197 - Information Disclosure Exploit
2018-07-30 00:00:00
packetstorm
packetstorm
H2 Database 1.4.197 Information Disclosure
2018-07-30 00:00:00
veracode
veracode
Information Disclosure
2018-07-25 05:26:31
cve
cve
CVE-2018-14335
2018-07-24 13:29:00
cvelist
cvelist
CVE-2018-14335
2018-07-24 13:00:00
broadcom
broadcom
BSA-2022-1837
2022-05-03 00:00:00
exploitdb
exploitdb
H2 Database 1.4.197 - Information Disclosure
2018-07-30 00:00:00
ibm
ibm
Security Bulletin: H2 Database Vulnerabilities Affect IBM Control Center (CVE-2018-10054, CVE-2018-14335)
2021-05-14 21:25:45
redhat
redhat
(RHSA-2020:0727) Important: Red Hat Data Grid 7.3.3 security update
2020-03-05 12:46:52

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.2 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

JSON
Related for NVD:CVE-2018-14335
prion1ubuntucve1osv1exploitpack1redhatcve1zdt1packetstorm1veracode1cve1cvelist1broadcom1exploitdb1ibm1redhat1