Overview
- Description
- Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1
- Source
- psirt@paloaltonetworks.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.8
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
- Severity
- MEDIUM
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FD4E9B6-0BFE-44D2-83AA-1EFBDC0BC2AB",
"versionEndIncluding": "1.6.20.1",
"versionStartIncluding": "1.6.5"
},
{
"criteria": "cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96987D69-D7A7-4ACD-81B9-339C096AD9D8",
"versionEndExcluding": "1.7.16.1",
"versionStartIncluding": "1.7.0"
},
{
"criteria": "cpe:2.3:a:litespeedtech:openlitespeed:1.5.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "093A8797-4DA4-4B8A-B9FE-1D7CD11225AE"
},
{
"criteria": "cpe:2.3:a:litespeedtech:openlitespeed:1.5.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75720FC7-7158-4301-A055-E292CEDFF4DB"
}
],
"operator": "OR"
}
]
}
]