CVE-2023-44278

MEDIUM Year: 2023
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. A local high privileged attacker could potentially exploit this vulnerability, to gain unauthorized read and write access to the OS files stored on the server filesystem, with the privileges of the running application.

Related Vulnerabilities

CVE-2012-5380

MEDIUM
CVSS:6.7(Medium)

Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse D...

CWE-222012

CVE-2018-1204

MEDIUM
CVSS:6.7(Medium)

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_phon...

CWE-222018

CVE-2019-12666

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. The...

CWE-222019

CVE-2019-1952

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to overwrite or read arbitrary files. The attacker would need valid admi...

CWE-222019

CVE-2020-3236

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to gain root shell access to the underlying operating system and overwri...

CWE-222020

CVE-2021-29246

MEDIUM
CVSS:6.7(Medium)

BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution. The attacker must craft a malicious plugin file with special c...

CWE-222021