Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to (1) read, (2) delete, or (3) create files, or (4) list directories, via a ..%5C (encoded dot dot backslash) in a URI.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact None

AV:N/AC:L/Au:S/C:C/I:C/A:N
Vendors Products
Axway
  • Securetransport

Configuration 1 [-]

cpe:2.3:a:axway:securetransport:*:sp2:*:*:*:*:*:*
References
Link Resource
http://www.exploit-db.com/exploits/23324/
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:15:34

Updated: 2022-10-03T16:15:34

Reserved: 2022-10-03T00:00:00

Link: CVE-2012-4991

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2012-12-13T11:53:33.820

Modified: 2012-12-13T11:53:33.820

Link: CVE-2012-4991

JSON object: View

cve-icon Redhat Information

No data.

CWE