{"containers":{"cna":{"affected":[{"product":"LAquis SCADA software","vendor":"LCDS - LeÃ£o Consultoria e Desenvolvimento de Sistemas LTDA ME","versions":[{"status":"affected","version":"versions prior to version 4.1.0.3237"}]}],"datePublic":"2017-03-23T00:00:00.000Z","descriptions":[{"lang":"en","value":"Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-22","description":"Path traversal CWE-22","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2018-04-18T09:57:01.000Z","orgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","shortName":"icscert"},"references":[{"name":"42885","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"https://www.exploit-db.com/exploits/42885/"},{"name":"97055","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/97055"},{"tags":["x_refsource_MISC"],"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-082-01"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"ics-cert@hq.dhs.gov","DATE_PUBLIC":"2017-03-23T00:00:00","ID":"CVE-2017-6020","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"LAquis SCADA software","version":{"version_data":[{"version_value":"versions prior to version 4.1.0.3237"}]}}]},"vendor_name":"LCDS - LeÃ£o Consultoria e Desenvolvimento de Sistemas LTDA ME"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Path traversal CWE-22"}]}]},"references":{"reference_data":[{"name":"42885","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/42885/"},{"name":"97055","refsource":"BID","url":"http://www.securityfocus.com/bid/97055"},{"name":"https://ics-cert.us-cert.gov/advisories/ICSA-17-082-01","refsource":"MISC","url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-082-01"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T15:18:49.618Z"},"title":"CVE Program Container","references":[{"name":"42885","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"https://www.exploit-db.com/exploits/42885/"},{"name":"97055","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/97055"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-082-01"}]}]},"cveMetadata":{"assignerOrgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","assignerShortName":"icscert","cveId":"CVE-2017-6020","datePublished":"2018-04-17T14:00:00.000Z","dateReserved":"2017-02-16T00:00:00.000Z","dateUpdated":"2024-09-17T04:14:47.260Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}