CVE-2013-3598

2013-08-2813:09:15

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

High

EPSS

0.006

Percentile

78.0%

JSON

Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a … (dot dot) in the name parameter.

Affected configurations

Nvd

Node

searchbloxsearchbloxRange≤7.5

searchbloxsearchbloxMatch6.2build_1

searchbloxsearchbloxMatch6.3build_1

searchbloxsearchbloxMatch6.4build_1

searchbloxsearchbloxMatch6.4build_2

searchbloxsearchbloxMatch7.0

searchbloxsearchbloxMatch7.1

searchbloxsearchbloxMatch7.2

searchbloxsearchbloxMatch7.3

searchbloxsearchbloxMatch7.4

VendorProductVersionCPE
searchbloxsearchblox*cpe:2.3:a:searchblox:searchblox:*:*:*:*:*:*:*:*
searchbloxsearchblox6.2cpe:2.3:a:searchblox:searchblox:6.2:build_1:*:*:*:*:*:*
searchbloxsearchblox6.3cpe:2.3:a:searchblox:searchblox:6.3:build_1:*:*:*:*:*:*
searchbloxsearchblox6.4cpe:2.3:a:searchblox:searchblox:6.4:build_1:*:*:*:*:*:*
searchbloxsearchblox6.4cpe:2.3:a:searchblox:searchblox:6.4:build_2:*:*:*:*:*:*
searchbloxsearchblox7.0cpe:2.3:a:searchblox:searchblox:7.0:*:*:*:*:*:*:*
searchbloxsearchblox7.1cpe:2.3:a:searchblox:searchblox:7.1:*:*:*:*:*:*:*
searchbloxsearchblox7.2cpe:2.3:a:searchblox:searchblox:7.2:*:*:*:*:*:*:*
searchbloxsearchblox7.3cpe:2.3:a:searchblox:searchblox:7.3:*:*:*:*:*:*:*
searchbloxsearchblox7.4cpe:2.3:a:searchblox:searchblox:7.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
searchblox	searchblox	*	cpe:2.3:a:searchblox:searchblox::::::::
searchblox	searchblox	6.2	cpe:2.3:a:searchblox:searchblox:6.2:build_1::::::
searchblox	searchblox	6.3	cpe:2.3:a:searchblox:searchblox:6.3:build_1::::::
searchblox	searchblox	6.4	cpe:2.3:a:searchblox:searchblox:6.4:build_1::::::
searchblox	searchblox	6.4	cpe:2.3:a:searchblox:searchblox:6.4:build_2::::::
searchblox	searchblox	7.0	cpe:2.3:a:searchblox:searchblox:7.0:::::::*
searchblox	searchblox	7.1	cpe:2.3:a:searchblox:searchblox:7.1:::::::*
searchblox	searchblox	7.2	cpe:2.3:a:searchblox:searchblox:7.2:::::::*
searchblox	searchblox	7.3	cpe:2.3:a:searchblox:searchblox:7.3:::::::*
searchblox	searchblox	7.4	cpe:2.3:a:searchblox:searchblox:7.4:::::::*