| Vulnerability Name: | CVE-2011-5127 (CCN-69630) | ||||||||
| Assigned: | 2011-09-06 | ||||||||
| Published: | 2011-09-06 | ||||||||
| Updated: | 2012-08-27 | ||||||||
| Summary: | Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 7.8 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
3.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-22 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2011-5127 Source: CCN Type: SA45898 Blue Coat Reporter Directory Traversal Vulnerability Source: CCN Type: SA45899 Blue Coat Reporter Directory Traversal Vulnerability Source: CCN Type: OSVDB ID: 75218 Blue Coat Reporter Encoded Traversal Arbitary File Access Source: CCN Type: BID-49482 Blue Coat Reporter Directory Traversal Vulnerability Source: XF Type: UNKNOWN bluecoatreporter-unspecified-dir-traversal(69630) Source: CCN Type: SA60 Reporter unauthenticated directory traversal Source: CONFIRM Type: Vendor Advisory https://kb.bluecoat.com/index?page=content&id=SA60 Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [09-22-2011] | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||