← Zuruck zu CVEs
CVE-2023-3701
CRITICAL9.9
Beschreibung
Aqua Drive, in its 2.4 version, is vulnerable to a relative path traversal vulnerability. By exploiting this vulnerability, an authenticated non privileged user could access/modify stored resources of other users. It could also be possible to access and modify the source and configuration files of the cloud disk platform, affecting the integrity and availability of the entire platform.
CVE Details
CVSS v3.1 Bewertung9.9
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht10/4/2023
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
aquaesolutions:aqua_drive
Schwachen (CWE)
CWE-23CWE-22
Referenzen
https://www.incibe.es/en/incibe-cert/notices/aviso/relative-path-traversal-aqua-esolutions(cve-coordination@incibe.es)
https://www.incibe.es/en/incibe-cert/notices/aviso/relative-path-traversal-aqua-esolutions(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.