CVE-2024-28064

Kiteworks Totemomail 7.x and 8.x before 8.3.0 allows /responsiveUI/EnvelopeOpenServlet messageId directory traversal for unauthenticated file read and delete operations (with displayLoginChunkedImages) and write operations (with storeLoginChunkedImages).

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.objectif-securite.ch/advisories/totemomail-path-traversal.txt

Configurations

No configuration.

History

06 Sep 2024, 18:35

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~9.1~~	v2 : unknown v3 : 9.8

01 Aug 2024, 13:48

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.1
Summary		(es) Kiteworks Totemomail 7.x y 8.x anteriores a 8.3.0 permiten directory traversal en /responsiveUI/EnvelopeOpenServlet messageId para operaciones de lectura y eliminación de archivos no autenticados (con displayLoginChunkedImages) y operaciones de escritura (con storeLoginChunkedImages).
CWE		CWE-26

18 May 2024, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-18 22:15

Updated : 2024-09-06 18:35

NVD link : CVE-2024-28064

Mitre link : CVE-2024-28064

CVE.ORG link : CVE-2024-28064

JSON object : View

Products Affected

No product.

CWE

CWE-26

Path Traversal: '/dir/../filename'

9.8 /10