Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCertccCVE-2015-6003
HistoryOct 16, 2015 - 1:59 a.m.

CVE-2015-6003

2015-10-1601:59:04
CWE-22
certcc
web.nvd.nist.gov
27
cve
qnap
qts
directory traversal
vulnerability
afp
remote attack
os x
user account
guest account

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7

Confidence

Low

EPSS

0.007

Percentile

79.6%

JSON

Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Affected configurations

Nvd
Node
qnapqtsRange4.1.4
OR
qnapqtsRange4.2.0rc1
VendorProductVersionCPE
qnapqts*cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*
qnapqts*cpe:2.3:o:qnap:qts:*:rc1:*:*:*:*:*:*

Related

prion 1
cert 1
cvelist 1
nvd 1
prion
prion
Directory traversal
2015-10-16 01:59:00
cert
cert
QNAP QTS is vulnerable to a path traversal attack when used with the AFP protocol and OS X
2015-10-12 00:00:00
cvelist
cvelist
CVE-2015-6003
2015-10-16 01:00:00
nvd
nvd
CVE-2015-6003
2015-10-16 01:59:04

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7

Confidence

Low

EPSS

0.007

Percentile

79.6%

JSON
Related for CVE-2015-6003
prion1cert1cvelist1nvd1