var-201904-0512
Vulnerability from variot
A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. Honeywell Experion PKS Contains a path traversal vulnerability.Information may be obtained. Honeywell EPKS is used in the automation and control of industrial and production processes and is a distributed control system solution, including a web-based SCADA system. A remote attacker can use a specially crafted request ('../') with a directory traversal sequence to retrieve arbitrary files from the application for sensitive information. Information obtained could aid in further attacks. The following versions are affected: Honeywell Experion R40x versions prior to Experion PKS R400.6 Honeywell Experion R41x versions prior to Experion PKS R410.6 Honeywell Experion R43x versions prior to Experion PKS R430.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-0512",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "experion process knowledge system",
"scope": "gte",
"trust": 1.0,
"vendor": "honeywell",
"version": "r400"
},
{
"model": "experion process knowledge system",
"scope": "gte",
"trust": 1.0,
"vendor": "honeywell",
"version": "r430"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 1.0,
"vendor": "honeywell",
"version": "r400.6"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 1.0,
"vendor": "honeywell",
"version": "r410.6"
},
{
"model": "experion process knowledge system",
"scope": "gte",
"trust": 1.0,
"vendor": "honeywell",
"version": "r410"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 1.0,
"vendor": "honeywell",
"version": "r430.2"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 0.8,
"vendor": "honeywell",
"version": "r43x"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 0.8,
"vendor": "honeywell",
"version": "r41x"
},
{
"model": "experion process knowledge system",
"scope": "eq",
"trust": 0.8,
"vendor": "honeywell",
"version": "r430.2"
},
{
"model": "experion process knowledge system",
"scope": "eq",
"trust": 0.8,
"vendor": "honeywell",
"version": "r410.6"
},
{
"model": "experion process knowledge system",
"scope": "eq",
"trust": 0.8,
"vendor": "honeywell",
"version": "r400.6"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 0.8,
"vendor": "honeywell",
"version": "r40x"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "experion process knowledge system",
"version": "*"
},
{
"model": "experion pks r40x",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r41x",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r43x",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r430.1",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r430",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r410.5",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r410",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r400.5",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r400",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r311.2",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r430.2",
"scope": "ne",
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r410.6",
"scope": "ne",
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r400.6",
"scope": "ne",
"trust": 0.3,
"vendor": "honeywell",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09112"
},
{
"db": "BID",
"id": "71752"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008659"
},
{
"db": "NVD",
"id": "CVE-2014-5436"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r400.6",
"versionStartIncluding": "r400",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r430.2",
"versionStartIncluding": "r430",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r410.6",
"versionStartIncluding": "r410",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5436"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kirill Nesterov,Alexander Tlyapov, Gleb Gritsai, Artem Chaykin and Ilya Karpov of the Positive Technologies Research Team and Security Lab",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-510"
}
],
"trust": 0.6
},
"cve": "CVE-2014-5436",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-5436",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-09112",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2014-5436",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-5436",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-09112",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-510",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09112"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008659"
},
{
"db": "NVD",
"id": "CVE-2014-5436"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-510"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. Honeywell Experion PKS Contains a path traversal vulnerability.Information may be obtained. Honeywell EPKS is used in the automation and control of industrial and production processes and is a distributed control system solution, including a web-based SCADA system. A remote attacker can use a specially crafted request (\u0027../\u0027) with a directory traversal sequence to retrieve arbitrary files from the application for sensitive information. Information obtained could aid in further attacks. \nThe following versions are affected:\nHoneywell Experion R40x versions prior to Experion PKS R400.6\nHoneywell Experion R41x versions prior to Experion PKS R410.6\nHoneywell Experion R43x versions prior to Experion PKS R430.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5436"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008659"
},
{
"db": "CNVD",
"id": "CNVD-2014-09112"
},
{
"db": "BID",
"id": "71752"
},
{
"db": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-5436",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-14-352-01",
"trust": 2.7
},
{
"db": "BID",
"id": "71752",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-09112",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-510",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008659",
"trust": 0.8
},
{
"db": "IVD",
"id": "DD03D0D8-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09112"
},
{
"db": "BID",
"id": "71752"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008659"
},
{
"db": "NVD",
"id": "CVE-2014-5436"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-510"
}
]
},
"id": "VAR-201904-0512",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09112"
}
],
"trust": 1.6958333250000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09112"
}
]
},
"last_update_date": "2023-12-18T12:43:36.555000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Experion PKS",
"trust": 0.8,
"url": "https://www.honeywellprocess.com/en-us/explore/products/control-monitoring-and-safety-systems/integrated-control-and-safety-systems/experion-pks/pages/default.aspx"
},
{
"title": "Honeywell Experion PKS \u0027confd.exe\u0027 module directory traversal vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/53117"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09112"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008659"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008659"
},
{
"db": "NVD",
"id": "CVE-2014-5436"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-352-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5436"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5436"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/71752"
},
{
"trust": 0.3,
"url": "https://www.honeywellprocess.com/en-us/training/programs/control-monitoring-and-safety-systems/pages/experion-pks.aspx"
},
{
"trust": 0.3,
"url": "http://s1018729.instanturl.net/wp-content/uploads/2013/01/overview_epdoc-xx81-en-410.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09112"
},
{
"db": "BID",
"id": "71752"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008659"
},
{
"db": "NVD",
"id": "CVE-2014-5436"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-510"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09112"
},
{
"db": "BID",
"id": "71752"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008659"
},
{
"db": "NVD",
"id": "CVE-2014-5436"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-510"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-25T00:00:00",
"db": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-12-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-09112"
},
{
"date": "2014-12-18T00:00:00",
"db": "BID",
"id": "71752"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008659"
},
{
"date": "2019-04-08T16:29:00.417000",
"db": "NVD",
"id": "CVE-2014-5436"
},
{
"date": "2014-12-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-510"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-09112"
},
{
"date": "2014-12-18T00:00:00",
"db": "BID",
"id": "71752"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008659"
},
{
"date": "2019-10-09T23:11:11.700000",
"db": "NVD",
"id": "CVE-2014-5436"
},
{
"date": "2019-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-510"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-510"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Honeywell Experion PKS \u0027confd.exe\u0027 Module directory traversal vulnerability",
"sources": [
{
"db": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09112"
},
{
"db": "BID",
"id": "71752"
}
],
"trust": 1.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "dd03d0d8-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-510"
}
],
"trust": 0.8
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.