CVE-2013-3304

MEDIUM

Description

Directory traversal vulnerability in Dell EqualLogic PS4000 with firmware 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.

References

http://www.exploit-db.com/exploits/35056

http://www.securityfocus.com/bid/70760

https://www.xlabs.com.br/blog/?p=50

Details

Source: MITRE

Published: 2014-10-30

Updated: 2014-10-31

Type: CWE-22

Risk Information

CVSS v2.0

Base Score: 5

Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM