- Description: Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to read arbitrary files via a GET request to the IM_FILE identifier with double-url-encoded "../" sequences ("%252e%252e/").
- Source: cve@mitre.org
- NVD status: Modified

CVSS 2.0
- Type: Primary
- Base score: 5
- Impact score: 2.9
- Exploitability score: 10
- Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ciphertrust:ironmail:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B7E39CC-F610-4397-9C88-2C9B08DFA99D",
            "versionEndIncluding": "6.1.1"
          },
          {
            "criteria": "cpe:2.3:a:ciphertrust:ironmail:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "645369C8-159C-459E-9067-2D46EE7A3E5E"
          },
          {
            "criteria": "cpe:2.3:a:ciphertrust:ironmail:4.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BD16815-8709-4F64-966F-BA8FBDAC377A"
          },
          {
            "criteria": "cpe:2.3:a:ciphertrust:ironmail:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CCD2698-A7A2-44BC-A352-B7CA89AD3032"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]