CVE-2018-15782

HIGH Year: 2018
CVSS v3 Score
7.8
High
CVSS v2 Score
7.2
High
Weakness Type
CWE-22
View all →

Vulnerability Description

The Quick Setup component of RSA Authentication Manager versions prior to 8.4 is vulnerable to a relative path traversal vulnerability. A local attacker could potentially provide an administrator with a crafted license that if used during the quick setup deployment of the initial RSA Authentication Manager system, could allow the attacker unauthorized access to that system.

Related Vulnerabilities

CVE-2009-3721

HIGH
CVSS:7.8(High)

Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to ...

CWE-222009

CVE-2015-0016

HIGH
CVSS:7.8(High)

Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gol...

CWE-222015

CVE-2015-3151

HIGH
CVSS:7.8(High)

Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) Ne...

CWE-222015

CVE-2015-7270

HIGH
CVSS:7.8(High)

Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal.

CWE-222015

CVE-2015-8535

HIGH
CVSS:7.8(High)

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A directory traversal vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center ...

CWE-222015

CVE-2016-4313

HIGH
CVSS:7.8(High)

Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.

CWE-222016