Lucene search
MitreCVE-2004-1857HistoryMay 10, 2005 - 4:00 a.m.
CVE-2004-1857
2005-05-1004:00:00
mitre
web.nvd.nist.gov
33
cve
2004
1857
directory traversal
vulnerability
hp web jetadmin
remote attack
authenticated
setinfo.hts
setinclude parameter
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.923
Percentile
99.0%
Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a … (dot dot) in the setinclude parameter.
Affected configurations
Node
hpweb_jetadminMatch7.5.2546
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hp | web_jetadmin | 7.5.2546 | cpe:2.3:a:hp:web_jetadmin:7.5.2546:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution
2004-03-24 00:00:00
HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal
2004-03-24 00:00:00
nvd
nvd
CVE-2004-1857
2004-03-24 05:00:00
nessus
nessus
openvas
openvas
HP Jet Admin 7.x Directory Traversal
2005-11-03 00:00:00
cvelist
cvelist
CVE-2004-1857
2005-05-10 04:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.923
Percentile
99.0%
Related for CVE-2004-1857