Podatność CVE-2014-5302

Podatność CVE-2014-5302

Publikacja: 2017-08-28

Opis:

	Tytuł	Autor	Data
High	ManageEngine Shell Upload / Directory Traversal	Pedro Ribeiro	06.01.2015

Typ:

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
9/10	10/10	8/10

Affected software
Manageengine -> It360
Manageengine -> Assetexplorer
Manageengine -> Servicedesk plus
Manageengine -> Supportcenter

http://packetstormsecurity.com/files/129806/ManageEngine-Shell-Upload-Directory-Traversal.html

http://seclists.org/fulldisclosure/2015/Jan/12

http://seclists.org/fulldisclosure/2015/Jan/5

http://secunia.com/advisories/62105

http://secunia.com/advisories/62121

http://www.securityfocus.com/archive/1/534377/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/99611