Lucene search

Pimcore Path Traversal Vulnerability in AssetController:importServerFilesAction

🗓️ 03 Aug 2023 16:32:33Reported by GoogleType

osv🔗 osv.dev👁 20 Views

Path Traversal Vulnerability in AssetController:importServerFilesAction, impact on sensitive files, potential denial of servic

Reporter	Title	Published	Views	Family All 9
CVE	CVE-2023-38708	4 Aug 202301:15	–	cve
Cvelist	CVE-2023-38708 Pimcore Path Traversal Vulnerability in AssetController:importServerFilesAction	4 Aug 202300:12	–	cvelist
Github Security Blog	Pimcore Path Traversal Vulnerability in AssetController:importServerFilesAction	3 Aug 202316:33	–	github
Prion	Path traversal	4 Aug 202301:15	–	prion
Veracode	Path Traversal	5 Aug 202303:43	–	veracode
Vulnrichment	CVE-2023-38708 Pimcore Path Traversal Vulnerability in AssetController:importServerFilesAction	4 Aug 202300:12	–	vulnrichment
NVD	CVE-2023-38708	4 Aug 202301:15	–	nvd
CNVD	SAP Host Agent is a set of agent programs from SAP that supports a number of lifecycle management tasks such as operating system monitoring, database monitoring and system instance monitoring. An information disclosure vulnerability exists in SAP Host Agent that stems from a lack of authentication checks, which could be exploited by an unauthenticated attacker to set undocumented parameters to a specific compatibility value and then invoke a read function.	10 Aug 202300:00	–	cnvd
OSV	CVE-2023-38708	4 Aug 202301:15	–	osv

Source	Link
github	www.github.com/pimcore/pimcore/security/advisories/GHSA-34hj-v8fm-x887
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-38708
github	www.github.com/pimcore/pimcore/commit/58012d0e3b8b926fb54eccbd64ec5c993b30c22c
github	www.github.com/pimcore/pimcore

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

03 Aug 2023 16:33Current

6.8Medium risk

Vulners AI Score6.8

CVSS36.3 - 8.8

EPSS0.002

SSVC