← Back

CVE-2018-14928

nvd nist
Published: Aug 3, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

/contingency/servlet/ServletFileDownload executes as root and provides unauthenticated access to files via the file parameter.

Affected (1)

Products: Matera: Banco
Matera
1 product
Banco
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Banco
Version 1.0.0

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (3)

Source: cve@mitre.org
Broken Link
Source: nvd@nist.gov
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.