admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-255xx/CVE-2020-25540.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

144 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-25540",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-09-14T13:15:10.220",
"lastModified": "2024-11-21T05:18:06.023",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter."
},
{
"lang": "es",
"value": "ThinkAdmin versi\u00f3n v6, est\u00e1 afectado por una vulnerabilidad de salto de directorio. Un atacante no autorizado puede leer un archivo arbitrariamente en un servidor remoto por medio del par\u00e1metro encode de una petici\u00f3n GET"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thinkadmin:thinkadmin:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E149B70-8FFA-469F-B90C-C3AE185F1658"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/159177/ThinkAdmin-6-Arbitrary-File-Read.html",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/zoujingli/ThinkAdmin/issues/244",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wtfsec.org/posts/thinkadmin-v6-%E5%88%97%E7%9B%AE%E5%BD%95-%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "http://packetstormsecurity.com/files/159177/ThinkAdmin-6-Arbitrary-File-Read.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/zoujingli/ThinkAdmin/issues/244",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wtfsec.org/posts/thinkadmin-v6-%E5%88%97%E7%9B%AE%E5%BD%95-%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink