CWE-26
AllowedPath Traversal: '/dir/../filename'
Abstraction: Variant · Status: Draft
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize "/dir/../filename" sequences that can resolve to a location that is outside of that directory.
25 vulnerabilities reference this CWE, most recent first.
CVE-2021-42021 (GCVE-0-2021-42021)
Vulnerability from cvelistv5 – Published: 2021-11-09 11:32 – Updated: 2024-08-04 03:22- CWE-26 - Path Traversal: '/dir/../filename'
| URL | Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | Siveillance Video DLNA Server |
Affected:
2019 R1
|
|
| Siemens | Siveillance Video DLNA Server |
Affected:
2019 R2
|
|
| Siemens | Siveillance Video DLNA Server |
Affected:
2019 R3
|
|
| Siemens | Siveillance Video DLNA Server |
Affected:
2020 R1
|
|
| Siemens | Siveillance Video DLNA Server |
Affected:
2020 R2
|
|
| Siemens | Siveillance Video DLNA Server |
Affected:
2020 R3
|
|
| Siemens | Siveillance Video DLNA Server |
Affected:
2021 R1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:22:25.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-755517.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Siveillance Video DLNA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "2019 R1"
}
]
},
{
"product": "Siveillance Video DLNA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "2019 R2"
}
]
},
{
"product": "Siveillance Video DLNA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "2019 R3"
}
]
},
{
"product": "Siveillance Video DLNA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "2020 R1"
}
]
},
{
"product": "Siveillance Video DLNA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "2020 R2"
}
]
},
{
"product": "Siveillance Video DLNA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "2020 R3"
}
]
},
{
"product": "Siveillance Video DLNA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "2021 R1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1), Siveillance Video DLNA Server (2020 R2), Siveillance Video DLNA Server (2020 R3), Siveillance Video DLNA Server (2021 R1). The affected application contains a path traversal vulnerability that could allow to read arbitrary files on the server that are outside the application\u2019s web document directory. An unauthenticated remote attacker could exploit this issue to access sensitive information for subsequent attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-26",
"description": "CWE-26: Path Traversal: \u0027/dir/../filename\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-09T11:32:15.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-755517.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-42021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Siveillance Video DLNA Server",
"version": {
"version_data": [
{
"version_value": "2019 R1"
}
]
}
},
{
"product_name": "Siveillance Video DLNA Server",
"version": {
"version_data": [
{
"version_value": "2019 R2"
}
]
}
},
{
"product_name": "Siveillance Video DLNA Server",
"version": {
"version_data": [
{
"version_value": "2019 R3"
}
]
}
},
{
"product_name": "Siveillance Video DLNA Server",
"version": {
"version_data": [
{
"version_value": "2020 R1"
}
]
}
},
{
"product_name": "Siveillance Video DLNA Server",
"version": {
"version_data": [
{
"version_value": "2020 R2"
}
]
}
},
{
"product_name": "Siveillance Video DLNA Server",
"version": {
"version_data": [
{
"version_value": "2020 R3"
}
]
}
},
{
"product_name": "Siveillance Video DLNA Server",
"version": {
"version_data": [
{
"version_value": "2021 R1"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1), Siveillance Video DLNA Server (2020 R2), Siveillance Video DLNA Server (2020 R3), Siveillance Video DLNA Server (2021 R1). The affected application contains a path traversal vulnerability that could allow to read arbitrary files on the server that are outside the application\u2019s web document directory. An unauthenticated remote attacker could exploit this issue to access sensitive information for subsequent attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-26: Path Traversal: \u0027/dir/../filename\u0027"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-755517.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-755517.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-42021",
"datePublished": "2021-11-09T11:32:15.000Z",
"dateReserved": "2021-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:22:25.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-34762 (GCVE-0-2021-34762)
Vulnerability from cvelistv5 – Published: 2021-10-27 18:55 – Updated: 2024-11-07 21:44| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Firepower Management Center |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:42:46.118918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:44:23.088Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Management Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-26",
"description": "CWE-26",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:55:36.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
}
],
"source": {
"advisory": "cisco-sa-fmc-dir-traversal-95UyW5tk",
"defect": [
[
"CSCvy41771"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34762",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Management Center",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTPS request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to read or write arbitrary files on the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-26"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dir-traversal-95UyW5tk"
}
]
},
"source": {
"advisory": "cisco-sa-fmc-dir-traversal-95UyW5tk",
"defect": [
[
"CSCvy41771"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34762",
"datePublished": "2021-10-27T18:55:36.199Z",
"dateReserved": "2021-06-15T00:00:00.000Z",
"dateUpdated": "2024-11-07T21:44:23.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-52JG-M3RM-CH68
Vulnerability from github – Published: 2024-03-06 18:30 – Updated: 2024-03-06 18:30A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device.
{
"affected": [],
"aliases": [
"CVE-2024-20345"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-26"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-06T17:15:09Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. \n\n This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device.",
"id": "GHSA-52jg-m3rm-ch68",
"modified": "2024-03-06T18:30:38Z",
"published": "2024-03-06T18:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20345"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-traversal-m7N8mZpF"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-67QG-7284-2277
Vulnerability from github – Published: 2026-05-05 20:05 – Updated: 2026-05-13 16:31Impact
S3FileMiddleware is vulnerable to relative path traversal attacks, where an attacker can use a modified request to escape pre-signed upload locations and have the Django application load files from random locations into request.FILES
Depending on how files are handled, this may lead to confidentiality and integrity issues.
Patches
Django-S3File urges all users to update to a patched version >=7.0.2.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 7.0.1"
},
"package": {
"ecosystem": "PyPI",
"name": "django-s3file"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.0.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-42196"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-23",
"CWE-26"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-05T20:05:49Z",
"nvd_published_at": "2026-05-12T22:16:34Z",
"severity": "CRITICAL"
},
"details": "### Impact\n`S3FileMiddleware` is vulnerable to relative path traversal attacks, where an attacker can use a modified request to escape pre-signed upload locations and have the Django application load files from random locations into `request.FILES`\n\nDepending on how files are handled, this may lead to confidentiality and integrity issues.\n\n### Patches\nDjango-S3File urges all users to update to a patched version \u003e=7.0.2.",
"id": "GHSA-67qg-7284-2277",
"modified": "2026-05-13T16:31:46Z",
"published": "2026-05-05T20:05:49Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/codingjoe/django-s3file/security/advisories/GHSA-67qg-7284-2277"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42196"
},
{
"type": "PACKAGE",
"url": "https://github.com/codingjoe/django-s3file"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
"type": "CVSS_V4"
}
],
"summary": "django-s3file is vulnerable to relative path traversal"
}
GHSA-6PWF-HHH9-VP2C
Vulnerability from github – Published: 2024-04-27 00:30 – Updated: 2024-08-01 15:31Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request.
{
"affected": [],
"aliases": [
"CVE-2024-31551"
],
"database_specific": {
"cwe_ids": [
"CWE-26"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-26T22:15:08Z",
"severity": "HIGH"
},
"details": "Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request.",
"id": "GHSA-6pwf-hhh9-vp2c",
"modified": "2024-08-01T15:31:42Z",
"published": "2024-04-27T00:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31551"
},
{
"type": "WEB",
"url": "https://www.yuque.com/sickle-ffnce/awixr8/qu8i0p9y0h277m6u"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-78FH-92P7-Q975
Vulnerability from github – Published: 2024-04-30 21:30 – Updated: 2025-03-20 21:31Directory Traversal vulnerability in lsgwr spring boot online exam v.0.9 allows an attacker to execute arbitrary code via the FileTransUtil.java component.
{
"affected": [],
"aliases": [
"CVE-2024-29466"
],
"database_specific": {
"cwe_ids": [
"CWE-26"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-30T21:15:45Z",
"severity": "HIGH"
},
"details": "Directory Traversal vulnerability in lsgwr spring boot online exam v.0.9 allows an attacker to execute arbitrary code via the FileTransUtil.java component.",
"id": "GHSA-78fh-92p7-q975",
"modified": "2025-03-20T21:31:40Z",
"published": "2024-04-30T21:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29466"
},
{
"type": "WEB",
"url": "https://gist.github.com/Xiqinger/b3cb51f390d408c3c66c66e645ba5ac0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FVCQ-F7QR-C3PM
Vulnerability from github – Published: 2025-08-22 21:31 – Updated: 2025-08-26 00:31Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload.
{
"affected": [],
"aliases": [
"CVE-2022-45133"
],
"database_specific": {
"cwe_ids": [
"CWE-26"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-22T21:15:30Z",
"severity": "MODERATE"
},
"details": "Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload.",
"id": "GHSA-fvcq-f7qr-c3pm",
"modified": "2025-08-26T00:31:09Z",
"published": "2025-08-22T21:31:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45133"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/mahara/+bug/1995819"
},
{
"type": "WEB",
"url": "https://mahara.org/interaction/forum/topic.php?id=9353"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-H8RQ-7GM9-52RM
Vulnerability from github – Published: 2024-07-02 21:32 – Updated: 2024-07-02 21:32Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing arbitrary files reading outside the web publish directory. Versions 23.1-HF7 and on have the patch.
{
"affected": [],
"aliases": [
"CVE-2024-5865"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-26"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-02T16:15:05Z",
"severity": "HIGH"
},
"details": "Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing arbitrary files reading outside the web publish directory. Versions 23.1-HF7 and on have the patch.",
"id": "GHSA-h8rq-7gm9-52rm",
"modified": "2024-07-02T21:32:15Z",
"published": "2024-07-02T21:32:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5865"
},
{
"type": "WEB",
"url": "https://github.com/klsecservices/Advisories/blob/master/K-Delinea-2023-001.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-H97Q-2RXR-WFVP
Vulnerability from github – Published: 2024-07-25 12:32 – Updated: 2024-07-25 12:32Vulnerability of serialisation/deserialisation mismatch in the iAware module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
{
"affected": [],
"aliases": [
"CVE-2024-39673"
],
"database_specific": {
"cwe_ids": [
"CWE-26",
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-25T12:15:03Z",
"severity": "MODERATE"
},
"details": "Vulnerability of serialisation/deserialisation mismatch in the iAware module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.",
"id": "GHSA-h97q-2rxr-wfvp",
"modified": "2024-07-25T12:32:02Z",
"published": "2024-07-25T12:32:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39673"
},
{
"type": "WEB",
"url": "https://consumer.huawei.com/en/support/bulletin/2024/7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JCPM-3FP5-4MQR
Vulnerability from github – Published: 2024-07-02 21:32 – Updated: 2024-07-02 21:32Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing listing of arbitrary directory outside the root directory of the web application. Versions 23.1-HF7 and on have the patch.
{
"affected": [],
"aliases": [
"CVE-2024-5866"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-26"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-02T16:15:05Z",
"severity": "MODERATE"
},
"details": "Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing listing of arbitrary directory outside the root directory of the web application. Versions 23.1-HF7 and on have the patch.",
"id": "GHSA-jcpm-3fp5-4mqr",
"modified": "2024-07-02T21:32:15Z",
"published": "2024-07-02T21:32:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5866"
},
{
"type": "WEB",
"url": "https://github.com/klsecservices/Advisories/blob/master/K-Delinea-2023-002.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-5.1
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- When validating filenames, use stringent allowlists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a list of allowable file extensions, which will help to avoid CWE-434.
- Do not rely exclusively on a filtering mechanism that removes potentially dangerous characters. This is equivalent to a denylist, which may be incomplete (CWE-184). For example, filtering "/" is insufficient protection if the filesystem also supports the use of "\" as a directory separator. Another possible error could occur when the filtering is applied in a way that still produces dangerous data (CWE-182). For example, if "../" sequences are removed from the ".../...//" string in a sequential fashion, two instances of "../" would be removed from the original string, but the remaining characters would still form the "../" string.
Mitigation MIT-20
Strategy: Input Validation
Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
No CAPEC attack patterns related to this CWE.