CVE-2010-0620

2010-02-2500:30:00

CWE-22

dell

web.nvd.nist.gov

cve

2010

0620

directory traversal

vulnerability

emc

homebase server

ssl service

remote attackers

arbitrary files

arbitrary code

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.145

Percentile

95.8%

JSON

Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a … (dot dot) in an unspecified parameter.

Affected configurations

Nvd

Node

emchomebase_serverMatch6.2

emchomebase_serverMatch6.3

VendorProductVersionCPE
emchomebase_server6.2cpe:2.3:a:emc:homebase_server:6.2:*:*:*:*:*:*:*
emchomebase_server6.3cpe:2.3:a:emc:homebase_server:6.3:*:*:*:*:*:*:*