CVE-2006-5862

Directory traversal vulnerability in the session mechanism of the web interface for Network Administration Visualized (NAV) before 3.1.1 allows attackers with filesystem write access to have an unknown impact via unknown attack vectors.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://sourceforge.net/project/shownotes.php?release_id=461986
http://www.securityfocus.com/bid/20995	Patch
http://secunia.com/advisories/22766	Vendor Advisory
http://www.vupen.com/english/advisories/2006/4447
https://exchange.xforce.ibmcloud.com/vulnerabilities/30174

Configurations

Configuration 1 (hide)

cpe:2.3:a:network_administration_visualized:network_administration_visualized:3.1.0:*:*:*:*:*:*:*

Information

Published : 2006-11-10 17:07

Updated : 2017-07-19 18:34

NVD link : CVE-2006-5862

Mitre link : CVE-2006-5862

JSON object : View

CWE

NVD-CWE-Other

Products Affected

network_administration_visualized

network_administration_visualized

4.6 /10