How severe is CVE-2018-1000161?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.7 out of 10.

What type of vulnerability is CVE-2018-1000161?

This is classified as CWE-22, which is a common weakness in software security.

CVE-2018-1000161

MEDIUM Year: 2018

CVSS v3 Score

5.7

Medium

CVSS v2 Score

3.5

Low

Weakness Type

CWE-22

View all →

Vulnerability Description

nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7.

CVE-2016-2205

MEDIUM

CVSS:5.7(Medium)

Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec...

CWE-222016

CVE-2016-5941

MEDIUM

CVSS:5.7(Medium)

IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrar...

CWE-222016

CVE-2017-11348

MEDIUM

CVSS:5.7(Medium)

In Octopus Deploy 3.x before 3.15.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted NuGet package, potentially overwriting other packages or mo...

CWE-222017

CVE-2017-15532

MEDIUM

CVSS:5.7(Medium)

Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are store...

CWE-222017