Products
Mercury MNVR816
- up to 2.0.1.0.5
Source
cna@vuldb.com
Tags
CVE-2024-8655 details
Published : Sept. 10, 2024, 8:15 p.m.
Last Modified : Sept. 10, 2024, 8:15 p.m.
Last Modified : Sept. 10, 2024, 8:15 p.m.
Description
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as problematic. This affects an unknown part of the file /web-static/. The manipulation leads to files or directories accessible. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
1 | 2 | 3 | 4 | 5.3 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-552 | Files or Directories Accessible to External Parties | The product makes files or directories accessible to unauthorized actors, even though they should not be. |
CVSS Data
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
Base Score
5.3
Exploitability Score
3.9
Impact Score
1.4
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
URL | Source |
---|---|
https://vuldb.com/?ctiid.276963 | cna@vuldb.com |
https://vuldb.com/?id.276963 | cna@vuldb.com |
https://vuldb.com/?submit.401301 | cna@vuldb.com |
This website uses the NVD API, but is not approved or certified by it.