Lucene search
HistorySep 28, 2013 - 7:55 p.m.
CVE-2013-2068
cve
red hat
cloudforms
management engine
directory traversal
security vulnerability
nvd
9.4 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.624 Medium
EPSS
Percentile
97.9%
Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a … (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.
Affected configurations
Node
redhatcloudforms_management_engineMatch5.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:cloudforms_management_engine | redhat cloudforms management engine | eq | 5.1 |
Related
prion
prion
Directory traversal
2013-09-28 19:55:00
nvd
nvd
CVE-2013-2068
2013-09-28 19:55:02
zdt
zdt
Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal
2013-12-24 00:00:00
redhat
redhat
checkpoint_advisories
checkpoint_advisories
Red Hat CloudForms AgentController Directory Traversal (CVE-2013-2068)
2014-05-14 00:00:00
cvelist
cvelist
CVE-2013-2068
2013-09-28 19:00:00
packetstorm
packetstorm
Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal
2013-12-23 00:00:00
9.4 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.624 Medium
EPSS
Percentile
97.9%
Related for CVE-2013-2068