CVE-2001-1458 — Path Traversal in Groupwise
3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.9%
top 24.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 15
Latest updateApr 30
Description
Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.
CVSS vector
AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9