CVE-2002-0503 — Path Traversal in Citrix Nfuse

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.4%

top 19.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix Nfuse

Timeline

PublishedAug 12

Latest updateApr 30

Description

Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcitrix/nfuse1.5

Patches

Patch: www.iss.net ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-6jwm-f45w-3fjj: Directory traversal vulnerability in boilerplate↗2022-04-30

▶

📋Vendor Advisories

Citrix

CVE-2002-0503: Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot)↗2002-08-12

▶