Arbitrary File Deletion Vulnerability in Bludit Backup Plugin
CVE-2020-20495

9.1CRITICAL

Key Information:

Vendor: Bludit
Status: Bludit
Vendor: CVE Published:; 1 September 2021

What is CVE-2020-20495?

The Bludit backup plugin in version v3.13.0 is affected by an arbitrary file deletion vulnerability, which can be exploited through the deleteBackup parameter. This means that attackers could potentially delete any files on the server, leading to critical data loss and compromise of the system's integrity. Proper security measures should be implemented to safeguard against this risk.

References

https://github.com/bludit/bludit/issues/1246

x_refsource_MISC

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 1, 2021
Vulnerability Reserved
Aug 13, 2020

JSON