Description

A security vulnerability exists in SearchBlox that allows an attacker to read arbitrary local files from the affected server.

Remediation

Upgrade to the latest version of SearchBlox

References

CVE-2020-35580

Related Vulnerabilities

RubyGems Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8320)

Undertow Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7816)

WordPress Plugin Simple Ads Manager Local File Inclusion (2.10.0.130)

WordPress Plugin Mailster-Email Newsletter for WordPress Local File Inclusion (4.0.6)

WordPress Plugin Image Optimizer by 10web-Image Optimizer and Compression Multiple Vulnerabilities (1.0.26)

Severity

High

Classification

CVE-2020-35580 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

File Inclusion