CVE-2019-12310

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 03/06/2019 Updated: 04/06/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory traversal vulnerability, which allows remote malicious users to view and retrieve verbose logging information. Files within this directory were observed to contain sensitive run-time information, including Base64 encoded 'support' credentials, leading to administrative access of the device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
exagrid backup appliance firmware 48.1.1044.p50

CWE-22 https://www.inquisitllc.com/exagrid-directory-traversal-vulnerability-to-support-credential-extraction/https://exagrid.com/exagrid-products/resources/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-12310

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect