{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2015-10043","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2023-01-13T20:44:18.459Z","datePublished":"2023-01-14T20:58:03.296Z","dateUpdated":"2024-08-06T08:58:26.232Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2023-10-20T08:11:16.301Z"},"title":"abreen Apollo path traversal","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-22","lang":"en","description":"CWE-22 Path Traversal"}]}],"affected":[{"vendor":"abreen","product":"Apollo","versions":[{"version":"n/a","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as critical, was found in abreen Apollo. This affects an unknown part. The manipulation of the argument file leads to path traversal. The patch is named 6206406630780bbd074aff34f4683fb764faba71. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218307."},{"lang":"de","value":"Es wurde eine kritische Schwachstelle in abreen Apollo gefunden. Es geht dabei um eine nicht klar definierte Funktion. Dank Manipulation des Arguments file mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Patch wird als 6206406630780bbd074aff34f4683fb764faba71 bezeichnet. Als bestmögliche Massnahme wird Patching empfohlen."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":5.5,"vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":5.5,"vectorString":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5.2,"vectorString":"AV:A/AC:L/Au:S/C:P/I:P/A:P"}}],"timeline":[{"time":"2023-01-13T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2023-01-13T00:00:00.000Z","lang":"en","value":"CVE reserved"},{"time":"2023-01-13T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2023-02-07T09:02:10.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"VulDB GitHub Commit Analyzer","type":"tool"}],"references":[{"url":"https://vuldb.com/?id.218307","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.218307","tags":["signature","permissions-required"]},{"url":"https://github.com/abreen/Apollo/commit/6206406630780bbd074aff34f4683fb764faba71","tags":["patch"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-07-18T18:00:09.281116Z","id":"CVE-2015-10043","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-18T18:00:16.573Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T08:58:26.232Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.218307","tags":["vdb-entry","technical-description","x_transferred"]},{"url":"https://vuldb.com/?ctiid.218307","tags":["signature","permissions-required","x_transferred"]},{"url":"https://github.com/abreen/Apollo/commit/6206406630780bbd074aff34f4683fb764faba71","tags":["patch","x_transferred"]}]}]}}