CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
97.2%
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
Vendor | Product | Version | CPE |
---|---|---|---|
payara | micro_community | * | cpe:2.3:a:payara:micro_community:*:*:*:*:*:*:*:* |
packetstormsecurity.com/files/164365/Payara-Micro-Community-5.2021.6-Directory-Traversal.html
packetstormsecurity.com/files/169864/Payara-Platform-Path-Traversal.html
seclists.org/fulldisclosure/2022/Nov/11
github.com/Net-hunter121/CVE-2021-41381/blob/main/CVE:%202021-41381-POC
www.exploit-db.com/exploits/50371
www.payara.fish
www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-054.txt
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
97.2%