CVE-2015-2971

Published Jul 19, 2015

Last updated 6 years ago

Overview

Description: Directory traversal vulnerability in Seeds acmailer before 3.8.18 and 3.9.x before 3.9.12 Beta allows remote authenticated users to delete arbitrary files via a crafted string.
Source: vultures@jpcert.or.jp
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.5
Impact score: 4.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-22

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5CA5EC0-521C-4603-A75E-A2201B6A2CD1",
            "versionEndExcluding": "3.8.18"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE7CC02E-0112-4B80-AEBF-13D13B135921"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.1:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B2F6EDE-7FBD-4A02-A43A-036D0D4EBE65"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.2:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90A6E799-326A-4710-A84D-FF68DFADE0B5"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.3:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD8FADE1-B210-44AB-88A3-88F6426B1B66"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.4:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB8809F1-BBB1-478F-ABE7-86FD4ABD6E54"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.5:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74E77742-0557-4237-B209-0B5734B1847A"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.6:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB478F72-3CB2-4312-ADA1-73A52498E867"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.7:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F99AAE6C-AA0B-4E18-9E81-E9C6DB825418"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.8:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D451434D-CA40-45D5-87BE-BB452C50AD73"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.9:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D556988-7FE0-4B88-9745-B15F157CCC45"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.10:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5346C1C-8D1A-41CE-B569-9E65BCDD17F5"
          },
          {
            "criteria": "cpe:2.3:a:seeds:acmailer:3.9.11:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AB4678D-E82B-4FCC-A6DD-6D7770B5D403"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References