Summary
This host is running Arkeia Appliance and is affected by a path traversal vulnerability.
Impact
Successful exploitation will allow remote attackers to perform directory traversal attacks and read arbitrary files on the affected application.
arbitrary data.
Solution
For updates refer to http://www.arkeia.com/
Insight
Path traversal enables attackers access to files and directories outside the web root through relative file paths in the user input.
Affected
Arkeia Appliance Version 10.2.7 and prior.
Detection
Send a crafted HTTP POST request and check is it possible to read a system file.
References
Severity
Classification
-
CVE CVE-2014-2846 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities