Description

A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure.

Related CPE's

Could not find any relations

References

https://thrive.trellix.com/s/article/000014635

Weaknesses

[email protected]

Secondary
CWE-22

CVSS impact metrics

Missing metrics for CVSS V

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Awaiting analysis

Published

2025-06-26T11:15:26.427

5 months ago

Last modified

2025-06-26T18:57:43.670

5 months ago