CVE-2011-5127
Blue Coat Reporter - Directory Traversal
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request.
Vulnerabilidad de ejecución directorio transversal en Blue Coat Reporter v9.x anterior v9.2.4.13, v9.2.5.x anterior a v9.2.5.1, y v9.3 anterior a v9.3.1.2 en Windows permite a atacantes remotos leer ficheros arbitrarios, y consecuentemente ejecutar código arbitrario, a través de una solicitud HTTP no especificada.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-09-22 First Exploit
- 2012-08-26 CVE Reserved
- 2012-08-26 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/17883 | 2011-09-22 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://kb.bluecoat.com/index?page=content&id=SA60 | 2012-08-27 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Bluecoat Search vendor "Bluecoat" | Reporter Search vendor "Bluecoat" for product "Reporter" | 9.2.4.1 Search vendor "Bluecoat" for product "Reporter" and version "9.2.4.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Bluecoat Search vendor "Bluecoat" | Reporter Search vendor "Bluecoat" for product "Reporter" | 9.2.4.12 Search vendor "Bluecoat" for product "Reporter" and version "9.2.4.12" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Bluecoat Search vendor "Bluecoat" | Reporter Search vendor "Bluecoat" for product "Reporter" | 9.2.5 Search vendor "Bluecoat" for product "Reporter" and version "9.2.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Bluecoat Search vendor "Bluecoat" | Reporter Search vendor "Bluecoat" for product "Reporter" | 9.3.1.1 Search vendor "Bluecoat" for product "Reporter" and version "9.3.1.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|