CVE-2008-5116
Published Nov 18, 2008
Last updated 6 years ago
Overview
- Description
- Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ext parameter.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-22
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13445915-DF3D-4C52-B1DC-9FC6BE0DD519"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0C2964C-7435-4999-AF16-01CD9EF5782C"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51CFF484-5A52-41DC-A003-A9319DF2AFB8"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A7E88DA-F3A8-4B0F-AD4F-8680C1FB3282"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:6.0:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "861DEDA3-93A1-405A-BA2F-764AE4219D89"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0980492E-B7DB-4B9F-A400-FDC47DB89A95"
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_manager:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A5C87C0-3734-4568-97A6-6AB8979AABE7"
}
],
"operator": "OR"
}
]
}
]