Vulnerability Details : CVE-2004-2493
Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.
Vulnerability category: Directory traversal
Products affected by CVE-2004-2493
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_00:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_50_b:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_52_b:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:05_00:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:05_11_f:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_51:*:jichitai:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_51_b:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_50_c:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_51:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:05_11_i:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:05_11_j:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_51_c:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_52:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_52:*:jichitai:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:5:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:6:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:gold:*:jichitai:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web:03_11_b:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web:2:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web:02_20_a:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web:02_31_i:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web:02_00:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web:02_20:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web:3:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web:03_00:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:groupmax_world_wide_web:03_10_h:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-2493
1.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 77 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-2493
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
8.0
|
2.9
|
NIST |
References for CVE-2004-2493
-
http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html
Patch;Vendor Advisory
-
http://secunia.com/advisories/13321
About Secunia Research | Flexera
-
http://www.securityfocus.com/bid/11773
-
http://www.osvdb.org/12153
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/18278
Jump to