SWEditServlet.Directory.Traversal
Description
It indicates a directory traversal vulnerability in Screaming Media SiteWare product.
Screaming Media is a provider for custom web content. SiteWare Editor Desktop is the web-based administration tool for managing Screaming Media content. There exists a vulnerability in some versions of SiteWare Editor Desktop that allows attackers to read arbitrary webserver-readable files on the vulnerable host via special template parameters.
Affected Products
Any unprotected Screaming Media SiteWare 2.5, 2.5 01, 3.0, 3.0 1, 3.0 2 or 3.1 is vulnerable to the attack.
Impact
Attackers can read arbitrary webserver-readable files on the victim system.
Recommended Actions
Apply appropriate patches or Upgrade the system to the latest non-vulnerable version.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-01-10 | 22.472 | Name:SWEditServlet. DirectoryTraversal:SWEditServlet. Directory. Traversal |
2018-11-20 | 13.494 | Default_action:pass:drop |