Lucene search
HistoryAug 27, 2012 - 11:55 p.m.
CVE-2012-4680
cve-2012-4680
directory traversal
xml server
ioserver
root directory
remote attackers
uri
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.8 Medium
AI Score
Confidence
Low
0.022 Low
EPSS
Percentile
89.5%
Directory traversal vulnerability in the XML Server in IOServer before 1.0.19.0, when the Root Directory pathname lacks a trailing \ (backslash) character, allows remote attackers to read arbitrary files or list arbitrary directories via a … (dot dot) in a URI.
Affected configurations
Node
ioserverioserverMatch1.0.18.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| ioserver:ioserver | ioserver | eq | 1.0.18.0 |
Related
openvas
openvas
cvelist
cvelist
CVE-2012-4680
2012-08-27 23:00:00
nvd
nvd
CVE-2012-4680
2012-08-27 23:55:02
ics
ics
IOServer OPC Server Multiple Vulnerabilities
2013-05-01 12:00:00
prion
prion
Directory traversal
2012-08-27 23:55:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.8 Medium
AI Score
Confidence
Low
0.022 Low
EPSS
Percentile
89.5%
Related for CVE-2012-4680