PT-2018-10005 · Ge · Mds Pulsenet Enterprise+1

Rgod

Published

2018-06-04

Updated

2019-10-09

CVE-2018-10615

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior

Description The issue allows for directory traversal, which may result in the exfiltration or deletion of files on the host platform.

Recommendations For GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior, update to a version later than 3.2.1 to resolve the issue.

Fix

Relative Path Traversal

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-23CWE-22

Related Identifiers

CVE-2018-10615

ZDI-18-546

Affected Products

Ge Mds Pulsenet

Mds Pulsenet Enterprise

PT-2018-10005 · Ge · Mds Pulsenet Enterprise+1

CVE-2018-10615

Weakness Enumeration

Related Identifiers

Affected Products

References · 6