Skip to main content

Specview CVE-2012-5972

LOW
Relative Path Traversal (CWE-23)
2013-01-17 ics-cert@hq.dhs.gov
2.6
CVSS 2.0 · NVD

Severity by source

NVD PRIMARY
2.6 LOW
AV:N/AC:H/Au:N/C:P/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:H/Au:N/C:P/I:N/A:N
Attack Vector
Network
Attack Complexity
High
Confidentiality
P
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jan 17, 2013 - 16:55 cve.org
LOW 2.6

DescriptionCVE.org

Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI.

AnalysisAI

Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-23. Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI. Affected products include: Specview.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2012-5972 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy