A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to overwrite files that are used to execute code. This vulnerability does not affect version 6.5 of the software.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/100452 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-17-234-01 | Mitigation Third Party Advisory US Government Resource |
https://www.exploit-db.com/exploits/42543/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2017-08-25T19:00:00
Updated: 2017-09-06T09:57:02
Reserved: 2017-06-14T00:00:00
Link: CVE-2017-9640
JSON object: View
NVD Information
Status : Modified
Published: 2017-08-25T19:29:00.410
Modified: 2021-07-27T19:25:56.903
Link: CVE-2017-9640
JSON object: View
Redhat Information
No data.
CWE