Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects Bitdefender GravityZone versions prior to 3.3.8.272
References
Configurations
History
21 Nov 2024, 06:23
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.1 |
References | () https://www.bitdefender.com/support/security-advisories/privilege-escalation-via-the-gravityzone-productmanager-updateserver-kitsmanager-api-va-10146 - Vendor Advisory |
Information
Published : 2021-12-16 15:15
Updated : 2024-11-21 06:23
NVD link : CVE-2021-3960
Mitre link : CVE-2021-3960
CVE.ORG link : CVE-2021-3960
JSON object : View
Products Affected
bitdefender
- gravityzone
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')