File System Traversal Vulnerability in Advantech SUISAccess Server
CVE-2016-9349

7.5HIGH

Key Information:

Vendor
Advantech
Status
Advantech Susiaccess Server 3.0 And Prior
Vendor
CVE Published:
13 February 2017

Summary

A critical file system traversal vulnerability exists in Advantech SUISAccess Server versions up to 3.0, allowing attackers to access restricted files on the server. This could lead to unauthorized information disclosure, putting sensitive data at risk. Proper security measures and timely updates are essential to mitigate this vulnerability.

Affected Version(s)

Advantech SUSIAccess Server 3.0 and prior Advantech SUSIAccess Server 3.0 and prior

References

https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04
x_refsource_MISC
http://www.securityfocus.com/bid/94629
vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/42401/
exploitx_refsource_EXPLOIT-DB

EPSS Score

21% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.