Lucene search
MitreCVE-2014-100002HistoryJan 13, 2015 - 11:59 a.m.
CVE-2014-100002
2015-01-1311:59:01
CWE-22
mitre
web.nvd.nist.gov
23
cve-2014-100002
nvd
vulnerability
manageengine
supportcenter plus
remote attackers
file read
workorder.do
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.627
Percentile
97.9%
Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917 allows remote attackers to read arbitrary files via a …%2f (dot dot encoded slash) in the attach parameter to WorkOrder.do in the file attachment for a new ticket.
Affected configurations
Node
zohocorpmanageengine_supportcenter_plusRange≤7.97916
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zohocorp | manageengine_supportcenter_plus | * | cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:*:7916:*:*:*:*:*:* |
Related
nessus
nessus
exploitdb
exploitdb
ManageEngine Support Center Plus 7916 - Directory Traversal
2014-01-29 00:00:00
cvelist
cvelist
CVE-2014-100002
2015-01-13 11:00:00
metasploit
metasploit
ManageEngine Support Center Plus Directory Traversal
2014-01-28 08:45:23
packetstorm
packetstorm
ManageEngine Support Center Plus Directory Traversal
2024-09-01 00:00:00
prion
prion
Directory traversal
2015-01-13 11:59:00
nvd
nvd
CVE-2014-100002
2015-01-13 11:59:01
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.627
Percentile
97.9%
Related for CVE-2014-100002