1 results (0.002 seconds)
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37403
https://notcve.org/view.php?id=CVE-2024-37403
07 Aug 2024 — Ivanti Docs@Work for Android, before 2.26.0 is affected by the 'Dirty Stream' vulnerability. The application fails to properly sanitize file names, resulting in a path traversal-affiliated vulnerability. This potentially enables other malicious apps on the device to read sensitive information stored in the app root. • https://forums.ivanti.com/s/article/Security-Advisory-CVE-2024-37403-Dirty-Stream-for-Ivanti-Docs-Work-for-Android • CWE-24: Path Traversal: '../filedir' •