- Description
- Directory traversal vulnerability in the GetData method in the Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 allows remote attackers to read arbitrary files via directory traversal sequences in the fileID parameter.
- Source
- PSIRT-CNA@flexerasoftware.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-22
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:dellsystemlite.scanner_activex_control:1.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C951A2C5-1442-4BC7-9555-D1E61D8A8FE7"
}
],
"operator": "OR"
}
]
}
]