CVE-2014-5393
Published Sep 11, 2014
Last updated 6 years ago
Overview
- Description
- Directory traversal vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission to read arbitrary files in the webroot via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-22
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sos:jobscheduler:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04063BAB-E033-4FCB-9894-11974EC85316",
"versionEndIncluding": "1.6.4131"
},
{
"criteria": "cpe:2.3:a:sos:jobscheduler:1.6.4014:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2B9B1EE-3C37-4B0C-9AC0-7B479558CED9"
},
{
"criteria": "cpe:2.3:a:sos:jobscheduler:1.6.4043:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3467B07E-0498-4B36-BCC3-DC7EC385D06D"
},
{
"criteria": "cpe:2.3:a:sos:jobscheduler:1.7.4177:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BEA7100-9FA7-4F66-9DA9-AD52AD487217"
},
{
"criteria": "cpe:2.3:a:sos:jobscheduler:1.7.4189:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "337165FD-1F47-4493-89F6-73834E436C63"
}
],
"operator": "OR"
}
]
}
]