CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-5454

Unrestricted file upload vulnerability in the image upload module in SAS Visual Analytics 6.4M1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.5%

CVSS Severity

CVSS v2 Score 6.0

References

http://packetstormsecurity.com/files/127866/SAS-Visual-Analytics-6.4M1-Arbitrary-File-Upload.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/95351
http://packetstormsecurity.com/files/127866/SAS-Visual-Analytics-6.4M1-Arbitrary-File-Upload.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/95351

Products affected by CVE-2014-5454

Sas » Visual Analytics » Version: 6.4

cpe:2.3:a:sas:visual_analytics:6.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-5454

Products

Pricing

Contact Us