CVE-2019-16064
Summary
| CVE | CVE-2019-16064 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-03-19 18:15:00 UTC |
| Updated | 2020-03-23 18:39:00 UTC |
| Description | NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possible for an attacker to list operating-system directory contents on the server, create directories and upload files in permissible locations, and modify filenames and delete files that are accessible by the user running the web server instance. |
Risk And Classification
Problem Types: CWE-22
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Netsas | Enigma Network Management Solution | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Mogozobo » (CVE-2019-16061 –> CVE-2019-16072) Enigma NMS Multiple Vulnerabilities | MISC | www.mogozobo.com | Exploit, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.