ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.iwantacve.cn/index.php/archives/132/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-08T06:00:00Z
Updated: 2024-09-16T16:57:59.907Z
Reserved: 2019-03-08T00:00:00Z
Link: CVE-2019-9632
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-03-08T07:29:00.233
Modified: 2024-11-21T04:52:00.643
Link: CVE-2019-9632
Redhat
No data.