CVE-2018-9117 Security Details

CVE ID

CVE-2018-9117

CWE

CWE-22

CVE Description

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal.

Published

Apr 10, 2018

CVSS Score & Severity

5.3Medium

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Score

0.691%

Malware

malware

KEV Status

Not in KEV Catalog: No known exploits

Affected Ecosystems

affected

Source

National Vulnerability Database

References

groups.google.comTHIRD_PARTY