{"api_version":"1","generated_at":"2026-06-21T20:36:10+00:00","cve":"CVE-2018-19586","urls":{"html":"https://cve.report/CVE-2018-19586","api":"https://cve.report/api/cve/CVE-2018-19586.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-19586","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-19586"},"summary":{"title":"CVE-2018-19586","description":"Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular users to write arbitrary files on the underlying system with privileges of the user running the application. Especially, an attacker may leverage the vulnerability to write an executable JSP file in an exposed web directory to execute commands on the underlying system.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2019-04-09 18:29:00","updated_at":"2019-04-11 15:55:00"},"problem_types":["CWE-22"],"metrics":[],"references":[{"url":"https://www.bishopfox.com/news/2019/01/silverpeas-5-15-to-6-0-2-path-traversal/","name":"https://www.bishopfox.com/news/2019/01/silverpeas-5-15-to-6-0-2-path-traversal/","refsource":"MISC","tags":["Exploit","Third Party Advisory"],"title":"Silverpeas 5.15 To 6.0.2: Path Traversal - Bishop Fox","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/Silverpeas/Silverpeas-Core/blob/d8c3bbb0695a4907db013401bd16c6527e2b4f41/core-web/src/main/java/org/silverpeas/core/webapi/upload/FileUploadData.java#L89","name":"https://github.com/Silverpeas/Silverpeas-Core/blob/d8c3bbb0695a4907db013401bd16c6527e2b4f41/core-web/src/main/java/org/silverpeas/core/webapi/upload/FileUploadData.java#L89","refsource":"MISC","tags":["Patch","Third Party Advisory"],"title":"Silverpeas-Core/FileUploadData.java at d8c3bbb0695a4907db013401bd16c6527e2b4f41 · Silverpeas/Silverpeas-Core · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-19586","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19586","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"19586","vulnerable":"1","versionEndIncluding":"6.0.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"silverpeas","cpe5":"silverpeas","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2018-19586","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular users to write arbitrary files on the underlying system with privileges of the user running the application. Especially, an attacker may leverage the vulnerability to write an executable JSP file in an exposed web directory to execute commands on the underlying system."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://github.com/Silverpeas/Silverpeas-Core/blob/d8c3bbb0695a4907db013401bd16c6527e2b4f41/core-web/src/main/java/org/silverpeas/core/webapi/upload/FileUploadData.java#L89","refsource":"MISC","name":"https://github.com/Silverpeas/Silverpeas-Core/blob/d8c3bbb0695a4907db013401bd16c6527e2b4f41/core-web/src/main/java/org/silverpeas/core/webapi/upload/FileUploadData.java#L89"},{"url":"https://www.bishopfox.com/news/2019/01/silverpeas-5-15-to-6-0-2-path-traversal/","refsource":"MISC","name":"https://www.bishopfox.com/news/2019/01/silverpeas-5-15-to-6-0-2-path-traversal/"}]}},"nvd":{"publishedDate":"2019-04-09 18:29:00","lastModifiedDate":"2019-04-11 15:55:00","problem_types":["CWE-22"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.9,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.1,"impactScore":6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":9},"severity":"HIGH","exploitabilityScore":8,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndIncluding":"6.0.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"19586","Ordinal":"137966","Title":"CVE-2018-19586","CVE":"CVE-2018-19586","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"19586","Ordinal":"1","NoteData":"Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular users to write arbitrary files on the underlying system with privileges of the user running the application. Especially, an attacker may leverage the vulnerability to write an executable JSP file in an exposed web directory to execute commands on the underlying system.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"19586","Ordinal":"2","NoteData":"2019-04-09","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"19586","Ordinal":"3","NoteData":"2019-04-09","Type":"Other","Title":"Modified"}]}}}