5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.008 Low
EPSS
Percentile
81.3%
a. Directory traversal vulnerabilityDue to incomplete sanitation of user input, a support component of VMware Studio’s web interface can be tricked into uploading a file to any directory inside the VMware Studio virtual appliance. This issue does not affect virtual machines that are created with Studio 2.0 beta.The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-2968 to this issue.VMware would like to thank Claudio Criscione of Secure Network for reporting this issue to us.
CPE | Name | Operator | Version |
---|---|---|---|
vmware studio | lt | VMware Studio 2.0 build 1017-185256 |