Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
NameCVE-2015-6003First vendor Publication2015-10-15
VendorCveLast vendor Modification2016-12-07

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6003

CWE : Common Weakness Enumeration

%idName
100 %CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Os4

Sources (Detail)

SourceUrl
CERT-VN http://www.kb.cert.org/vuls/id/751328
CONFIRM https://www.qnap.com/i/en/support/con_show.php?cid=85
SECTRACK http://www.securitytracker.com/id/1033794

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2016-12-08 09:23:50
  • Multiple Updates
2016-04-27 02:42:35
  • Multiple Updates
2015-10-20 16:21:11
  • Multiple Updates
2015-10-18 17:27:54
  • Multiple Updates
2015-10-16 09:22:44
  • First insertion