CVE-2018-6293 Information

Description

Arbitrary File Read in Saperion Web Client version 7.5.2 83166.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/02/09/klcert-18-002-saperion-webclient-multiple-vulnerabilities-arbitrary-file-read-in-saperion-web-client/ https://ics-cert.kaspersky.com/alerts/2018/02/12/multiple-vulnerabilities-found-in-popular-document-management-system/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

7.5