CVE-2014-3702

Directory traversal vulnerability in eNovance eDeploy allows remote attackers to create arbitrary directories and files and consequently cause a denial of service (resource consumption) via a .. (dot dot) the session parameter.
References
Link Resource
https://github.com/redhat-cip/edeploy/issues/231 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1153470 Issue Tracking Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:edeploy:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:edeploy:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:edeploy:h.1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:edeploy:h.1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:edeploy:h.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:edeploy:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:edeploy:h.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:edeploy:0.1.0:*:*:*:*:*:*:*

Information

Published : 2017-10-16 08:29

Updated : 2017-11-07 10:24


NVD link : CVE-2014-3702

Mitre link : CVE-2014-3702


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

redhat

  • edeploy