Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0204 — Path Traversal in Crystal Enterprise

4 documents4 sources

Severity

7.5HIGHNVD

EPSS

75.4%

top 1.11%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

BEA Weblogic Server Businessobjects Crystal Enterprise Businessobjects Crystal Enterprise Java SDK +5 more

Timeline

PublishedAug 6

Latest updateApr 29

Description

Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages8 packages

▶NVDbusinessobjects/crystal_reports10, 9+1

▶NVDbusinessobjects/crystal_enterprise10, 9+1

▶NVDbusinessobjects/crystal_enterprise_ras8.5

▶NVDbusinessobjects/crystal_enterprise_java_sdk8.5

▶NVDmicrosoft/business_solutions_crm1.2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-8gfg-jjvj-524x: Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual↗2022-04-29

▶

CVEList

CVE-2004-0204: Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual↗2004-06-11

▶

💥Exploits & PoCs

Exploit-DB

Business Objects Crystal Reports 9/10 Web Form Viewer - Directory Traversal↗2004-05-03

▶