7.2 High
AI Score
Confidence
Low
3.3 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:N/A:N
0.007 Low
EPSS
Percentile
79.1%
Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, related to the lang variable.
CPE | Name | Operator | Version |
---|---|---|---|
omnivista | eq | 4760.0.0-r5.0.7.5 | |
omnivista | eq | <= 4760-r5.1.6.3 |
seclists.org/fulldisclosure/2011/Mar/8
secunia.com/advisories/43507
securityreason.com/securityalert/8122
www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2011002.pdf
www.securityfocus.com/archive/1/516768/100/0/threaded
www.securityfocus.com/bid/46624
www.vupen.com/english/advisories/2011/0548
exchange.xforce.ibmcloud.com/vulnerabilities/65848