PT-2024-16978 · Sonatype · Sonatype Iq Server
Published
2024-03-06
·
Updated
2024-03-21
·
CVE-2024-1142
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Sonatype IQ Server versions 143 through 170
Description
The issue allows remote authenticated attackers to overwrite or delete files via a specially crafted request.
Recommendations
For Sonatype IQ Server versions 143 through 170, update to version 171 to resolve the issue.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sonatype Iq Server