CVE-2024-5866

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-26
View all →

Vulnerability Description

Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing listing of arbitrary directory outside the root directory of the web application. Versions 23.1-HF7 and on have the patch.

Related Vulnerabilities

CVE-2024-28064

CRITICAL
CVSS:9.8(Critical)

Kiteworks Totemomail 7.x and 8.x before 8.3.0 allows /responsiveUI/EnvelopeOpenServlet messageId directory traversal for unauthenticated file read and delete operations (with displayLoginChunkedImages...

CWE-262024

CVE-2024-29466

HIGH
CVSS:8.8(High)

Directory Traversal vulnerability in lsgwr spring boot online exam v.0.9 allows an attacker to execute arbitrary code via the FileTransUtil.java component.

CWE-262024

CVE-2021-34762

HIGH
CVSS:8.1(High)

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an af...

CWE-262021

CVE-2021-42021

HIGH
CVSS:7.5(High)

A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1...

CWE-262021

CVE-2024-31551

HIGH
CVSS:7.5(High)

Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request.

CWE-262024

CVE-2024-25466

HIGH
CVSS:7.3(High)

Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library comp...

CWE-262024