CVE-2010-0620

Published Feb 25, 2010

Last updated 6 years ago

Overview

Description: Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter.
Source: security_alert@emc.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-22

Evaluator

Comment: Per: http://seclists.org/bugtraq/2010/Feb/222 Affected products: EMC HomeBase Server version 6.2.x EMC HomeBase Server version 6.3.x
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:homebase_server:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D36EB7F-CA40-4C44-9E25-1E7AF6BB2FA9"
          },
          {
            "criteria": "cpe:2.3:a:emc:homebase_server:6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D186C00-9FD7-4635-B312-B6EF32855725"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Evaluator

Configurations

References