CVE-2024-47557

Pre-Auth RCE via Path Traversal
Configurations

Configuration 1 (hide)

cpe:2.3:a:xerox:freeflow_core:*:*:*:*:*:*:*:*

History

16 Oct 2024, 17:33

Type Values Removed Values Added
References () https://securitydocs.business.xerox.com/wp-content/uploads/2024/10/Xerox-Security-Bulletin-XRX24-014-for-Xerox%C2%AE-FreeFlow%C2%AE-Core-v7.0-.pdf - () https://securitydocs.business.xerox.com/wp-content/uploads/2024/10/Xerox-Security-Bulletin-XRX24-014-for-Xerox%C2%AE-FreeFlow%C2%AE-Core-v7.0-.pdf - Vendor Advisory
CPE cpe:2.3:a:xerox:freeflow_core:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 8.3
v2 : unknown
v3 : 9.8
First Time Xerox
Xerox freeflow Core

10 Oct 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) RCE previa a la autorización mediante Path Traversal

07 Oct 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-07 19:15

Updated : 2024-10-16 17:33


NVD link : CVE-2024-47557

Mitre link : CVE-2024-47557

CVE.ORG link : CVE-2024-47557


JSON object : View

Products Affected

xerox

  • freeflow_core
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')