A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HBbraun Onlinesuite Application Package
APPBbraun≤ 3.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path TraversalAuth Bypass
CWE
Related vulnerabilities
CVE-2020-25170HIGH7.8ten sam produkt
An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0...
CVE-2020-25174HIGH7.8ten sam produkt
A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3.0 and earlier allows local attackers to...
CVE-2021-33885CRITICAL10.0ten sam vendor
An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allo...
CVE-2020-25150HIGH7.6ten sam vendor
A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Da...
CVE-2020-25156HIGH7.2ten sam vendor
Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versio...