CVE-2014-8871
Directory traversal vulnerability in hybris Commerce software suite 5.0.3.3 and earlier, 5.0.0.3 and earlier, 5.0.4.4 and earlier, 5.1.0.1 and earlier, 5.1.1.2 and earlier, 5.2.0.3 and earlier, and 5.3.0.1 and earlier.
Published
2017-08-28T15:29:00.563
Last Modified
2025-04-20T01:37:25.860
Status
Deferred
Source
[email protected]
Severity
CVSSv3.0: 7.5 (HIGH)
CVSSv2 Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
- Access Vector: NETWORK
- Access Complexity: LOW
- Authentication: NONE
- Confidentiality Impact: PARTIAL
- Integrity Impact: NONE
- Availability Impact: NONE
Exploitability Score
10.0
Impact Score
2.9
Weaknesses
Affected Vendors & Products
References
-
http://packetstormsecurity.com/files/130444/Hybris-Commerce-Software-Suite-5.x-File-Disclosure-Traversal.html
Exploit, Third Party Advisory, VDB Entry
([email protected])
-
http://seclists.org/fulldisclosure/2015/Feb/63
Exploit, Mailing List, Third Party Advisory
([email protected])
-
http://www.securityfocus.com/archive/1/534722/100/1600/threaded
Third Party Advisory, VDB Entry
([email protected])
-
http://www.securityfocus.com/bid/72681
Third Party Advisory, VDB Entry
([email protected])
-
http://packetstormsecurity.com/files/130444/Hybris-Commerce-Software-Suite-5.x-File-Disclosure-Traversal.html
Exploit, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
http://seclists.org/fulldisclosure/2015/Feb/63
Exploit, Mailing List, Third Party Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.securityfocus.com/archive/1/534722/100/1600/threaded
Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
http://www.securityfocus.com/bid/72681
Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)