CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-3500

Directory traversal vulnerability in the web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.4%

CVSS Severity

CVSS v2 Score 5.0

References

http://aluigi.altervista.org/adv/cogent_2-adv.txt
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-03.pdf
http://aluigi.altervista.org/adv/cogent_2-adv.txt
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-03.pdf

Products affected by CVE-2011-3500

Cogentdatahub » Cogent Datahub » Version: 7.0

cpe:2.3:a:cogentdatahub:cogent_datahub:7.0
Cogentdatahub » Cogent Datahub » Version: 7.0.2

cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2
Cogentdatahub » Cogent Datahub » Version: 7.1.0

cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0
Cogentdatahub » Cogent Datahub » Version: 7.1.1

cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1
Cogentdatahub » Cogent Datahub » Version: 7.1.1.63

cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3500

Products

Pricing

Contact Us