CVE-2019-14362

Exploit

EPSS 0.29%
Veröffentlicht 28.07.2019 18:15:11
Zuletzt bearbeitet 21.11.2024 04:26:35
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Openbravo ≫ Openbravo Erp Version3.0 Update-

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack0.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack10

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack10.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack10.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack10.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack11

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack11.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack12

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack12.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack12.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack13

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack13.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack13.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack14

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack14.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack14.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack15

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack15.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack15.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack16

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack16.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack16.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack16.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack17

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack17.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack17.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack17.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack18

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack18.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack18.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack18.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack18.4

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack18.5

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack19

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack19.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack19.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack19.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack19.4

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack2.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack2.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack2.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack2.4

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack20

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack21

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack21.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack22

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack22.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack22.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack22.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack23

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack23.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack23.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack24

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack24.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack24.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack25

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack25.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack25.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack26

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack26.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack26.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack26.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack26.4

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack27

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack27.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack28

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack28.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack28.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack28.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack28.4

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack28.5

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack29

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack29.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack29.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack29.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack29.4

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack3.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack3.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack30

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack30.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack30.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack30.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack31

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack31.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack31.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack31.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack31.4

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack4

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack4.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack4.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack5

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack5.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack5.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack5.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack6

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack6.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack6.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack7

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack7.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack7.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack7.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack8

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack8.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack8.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack8.3

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack8.4

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack9

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack9.1

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack9.2

Openbravo ≫ Openbravo Erp Version3.0 Updatemaintenance_pack9.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q2.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q2.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q2.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q2.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q2.5

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q2.6

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q3.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q3.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q3.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q3.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q3.5

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q3.6

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q3.7

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q3.8

Openbravo ≫ Openbravo Erp Version3.0 Updatepr14q4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q1.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q1.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q1.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q1.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q1.5

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q2.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q2.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q2.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q2.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q2.5

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q2.6

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q3.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q3.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q3.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q3.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q3.5

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q4.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q4.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q4.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q4.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q4.5

Openbravo ≫ Openbravo Erp Version3.0 Updatepr15q4.6

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q1.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q1.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q1.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q2.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q2.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q2.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q2.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q3.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q3.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q3.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q3.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q3.5

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q4.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q4.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q4.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr16q4.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q1.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q1.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q1.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q2.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q2.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q2.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q2.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q3.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q3.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q3.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q4.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr17q4.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q1.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q1.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q1.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q2.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q2.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q2.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q3.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q3.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q3.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q3.4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q3.5

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q4

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q4.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q4.2

Openbravo ≫ Openbravo Erp Version3.0 Updatepr18q4.3

Openbravo ≫ Openbravo Erp Version3.0 Updatepr19q1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr19q1.1

Openbravo ≫ Openbravo Erp Version3.0 Updatepr19q1.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.29%	0.518

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.4	2.8	2.5	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
nvd@nist.gov	5.5	8	4.9	AV:N/AC:L/Au:S/C:P/I:P/A:N

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://grep.blog/directory-traversal-openbravo/

Third Party Advisory

https://issues.openbravo.com/view.php?id=41413

Patch

Vendor Advisory

Exploit

https://www.sitincloud.com/securite/directory-traversal-openbravo-erp/

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2019-14362

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-14362

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-14362

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2019-14362