CVE-2014-5446
Description
Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.
Related CPE's
References
Exploit
Exploit
ExploitPatch
Exploit
Exploit
CvssV3 impact
Could not find any metrics
CvssV2 impact
Version | 2.0 |
VectorString | AV:N/AC:L/Au:N/C:P/I:N/A:N |
AccessVector | NETWORK |
AccessComplexity | LOW |
Authentication | NONE |
ConfidentialityImpact | PARTIAL |
IntegrityImpact | NONE |
AvailabilityImpact | NONE |
BaseScore | 5 |