CVE-2015-2856 - OpenCVE

Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (dot dot) in the statecode cookie.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Accellion	File Transfer Appliance

Configuration 1 [-]

cpe:2.3:a:accellion:file_transfer_appliance:*:*:*:*:*:*:*:*

References

Link	Resource
https://www.rapid7.com/db/modules/auxiliary/scanner/http/accellion_fta_statecode_file_read	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: certcc

Published: 2017-10-10T13:00:00

Updated: 2017-10-10T12:57:01

Reserved: 2015-04-03T00:00:00

Link: CVE-2015-2856

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-10-10T13:29:00.247

Modified: 2017-10-23T22:02:04.300

Link: CVE-2015-2856

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:accellion:file_transfer_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "7EFC37F6-2C45-4620-BE69-0CE54F543E69", "versionEndIncluding": "fta_9_11_200", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (dot dot) in the statecode cookie."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en la funci\u00f3n template en function.inc en dispositivos Accellion File Transfer Appliance anteriores a FTA_9_11_210 permite que atacantes remotos lean archivos arbitrarios mediante un .. (punto punto) en la cookie statecode."}], "id": "CVE-2015-2856", "lastModified": "2017-10-23T22:02:04.300", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-10T13:29:00.247", "references": [{"source": "cret@cert.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.rapid7.com/db/modules/auxiliary/scanner/http/accellion_fta_statecode_file_read"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}