4
MEDIUM

CVE-2019-3474

Published: 20/02/2019 Updated: 05/03/2019
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

Vulnerability Summary

A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Access Complexity: LOW
Authentication: SINGLE
Access Vector: NETWORK
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Vulnerability Trend

Affected Products

Vendor Product Versions
MicrofocusFilr3.0

Exploits

SecureAuth - SecureAuth Labs Advisory wwwsecureauthcom/ Micro Focus Filr Multiple Vulnerabilities 1 *Advisory Information* Title: Micro Focus Filr Multiple Vulnerabilities Advisory ID: SAUTH-2019-0001 Advisory URL: wwwsecureauthcom/labs/advisories/micro-focus-filr-multiple-vulnerabilities Date published: 2019-02-20 Date of la ...

Mailing Lists

SecureAuth - SecureAuth Labs Advisory wwwsecureauthcom/ Micro Focus Filr Multiple Vulnerabilities 1 *Advisory Information* Title: Micro Focus Filr Multiple Vulnerabilities Advisory ID: SAUTH-2019-0001 Advisory URL: wwwsecureauthcom/labs/advisories/micro-focus-filr-multiple-vulnerabilities Date published: 2019-02-20 Date of la ...
Micro Focus Filr version 340217 suffers from privilege escalation and path traversal vulnerabilities ...
SecureAuth - SecureAuth Labs Advisory wwwsecureauthcom/ Micro Focus Filr Multiple Vulnerabilities 1 *Advisory Information* Title: Micro Focus Filr Multiple Vulnerabilities Advisory ID: SAUTH-2019-0001 Advisory URL: wwwsecureauthcom/labs/advisories/micro-focus-filr-multiple-vulnerabilities Date published: 2019-02-20 Date of la ...

References