HIGH🇬🇧 English

CVE-2012-4991

CVSS 8.5v2.0pub. 2012-12-13upd. 2026-04-29

Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to (1) read, (2) delete, or (3) create files, or (4) list directories, via a ..%5C (encoded dot dot backslash) in a URI.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:S/C:C/I:C/A:N
  • Axway Securetransport

    APP
    Axway
    ≤ 5.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Path Traversal
CWE
Referencje

Powiązane podatności

CVE-2019-14277CRITICAL9.8ten sam produkt

Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to una...

CVE-2013-7057MEDIUM6.8ten sam produkt

Cross-site request forgery (CSRF) vulnerability in Axway SecureTransport 5.1 SP2 and earlier allows remote att...

CVE-2015-5606HIGH7.5ten sam vendor

Vordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote attackers to cause a denial of service...

CVE-2019-6500HIGH7.5ten sam vendor

In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by ...

CVE-2012-6452MEDIUM5.0ten sam vendor

Axway Secure Messenger before 6.5 Updated Release 7, as used in Axway Email Firewall, provides different respo...