Lucene search
Veracode Vulnerability DatabaseVERACODE:41125HistoryJul 06, 2023 - 6:13 a.m.
Directory Traversal
2023-07-0606:13:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
ethyca_fides
directory traversal
remote attacker
arbitrary files
webserver container
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.005
Percentile
76.6%
ethyca_fides is vulnerable to Directory Traversal. The vulnerability exists because the directories are not properly restricted which allows a remote attacker to access arbitrary files on the fides webserver container’s filesystem.
Related
nvd
nvd
CVE-2023-36827
2023-07-05 22:15:10
prion
prion
Path traversal
2023-07-05 22:15:00
cve
cve
CVE-2023-36827
2023-07-05 22:15:10
osv
osv
CVE-2023-36827
2023-07-05 22:15:10
PYSEC-2023-107
2023-07-05 22:15:00
ethyca-fides Webserver API Path Traversal vulnerability
2023-07-06 20:40:17
cvelist
cvelist
CVE-2023-36827 Fides vulnerable to Path Traversal in Webserver API
2023-07-05 21:22:30
github
github
ethyca-fides Webserver API Path Traversal vulnerability
2023-07-06 20:40:17
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.005
Percentile
76.6%
Related for VERACODE:41125