CVE-2005-1691

3 documents3 sources
Severity
5.0MEDIUM
EPSS
0.3%
top 49.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP SAP R 3
Timeline
PublishedJul 26
Latest updateMay 1

Description

Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via ".." sequences in an HTTP GET request.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDsap/sap_r_36.30

🔴Vulnerability Details

2
GHSA
GHSA-pv43-7jg4-68jh: Directory traversal vulnerability in Internet Graphics Server in SAP before 62022-05-01
CVEList
CVE-2005-1691: Directory traversal vulnerability in Internet Graphics Server in SAP before 62005-07-26
CVE-2005-1691 (MEDIUM CVSS 5) | Directory traversal vulnerability i | cvebase.io