Lucene search

MitreCVE-2008-1410

HistoryMar 20, 2008 - 10:44 a.m.

CVE-2008-1410

2008-03-2010:44:00

CWE-22

mitre

web.nvd.nist.gov

acronis

snap deploy

vulnerability

directory traversal

cve-2008-1410

tftp service

security

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.011

Percentile

84.7%

JSON

Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to read arbitrary files via directory traversal sequences to the TFTP service.

Affected configurations

Nvd

Node

acronissnap_deployMatch2.0.0.1076

VendorProductVersionCPE
acronissnap_deploy2.0.0.1076cpe:2.3:a:acronis:snap_deploy:2.0.0.1076:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
acronis	snap_deploy	2.0.0.1076	cpe:2.3:a:acronis:snap_deploy:2.0.0.1076:::::::*

References

aluigi.altervista.org/adv/acropxe-adv.txt

secunia.com/advisories/29305

securityreason.com/securityalert/3758

www.securityfocus.com/archive/1/489358/100/0/threaded

www.securityfocus.com/bid/28182

www.vupen.com/english/advisories/2008/0814/references

exchange.xforce.ibmcloud.com/vulnerabilities/41074

www.exploit-db.com/exploits/5228

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.011

Percentile

84.7%

JSON

Related for CVE-2008-1410