CRITICAL✓ PATCH🇬🇧 English

CVE-2021-32008

CVSS 9.9v3.1pub. 2022-03-04upd. 2024-11-21

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a Pathname to restricted directory, allows logged in GateManager admin to delete system Files or Directories.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Secomea Gatemanager

    APP
    Secomea
    ≤ 9.6.621421014
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Path Traversal
CWE
Referencje

Powiązane podatności

CVE-2022-38123HIGH8.7ten sam produkt

Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server ad...

CVE-2023-0317MEDIUM4.9ten sam produkt

Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to ob...

CVE-2022-4308MEDIUM6.1ten sam produkt

Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse ...

CVE-2022-2752MEDIUM5.5ten sam produkt

A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous us...

CVE-2022-25786MEDIUM4.9ten sam produkt

Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obt...