CVE-2004-2493
UnknownEPSS 1.31%
Last modified
CVE-2004-2493 is a vulnerability of currently unknown severity. Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.. EPSS estimates a 1.31% chance of exploitation in the next 30 days.
Description
Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Hitachi | Groupmax World Wide Web | 2 |
| Hitachi | Groupmax World Wide Web | 02_00 |
| Hitachi | Groupmax World Wide Web | 02_20 |
| Hitachi | Groupmax World Wide Web | 02_20_a |
| Hitachi | Groupmax World Wide Web | 02_31_i |
| Hitachi | Groupmax World Wide Web | 3 |
| Hitachi | Groupmax World Wide Web | 03_00 |
| Hitachi | Groupmax World Wide Web | 03_10_h |
| Hitachi | Groupmax World Wide Web | 03_11_b |
| Hitachi | Groupmax World Wide Web Desktop | 5 |
| Hitachi | Groupmax World Wide Web Desktop | 05_00 |
| Hitachi | Groupmax World Wide Web Desktop | 05_11_f |
| Hitachi | Groupmax World Wide Web Desktop | 05_11_i |
| Hitachi | Groupmax World Wide Web Desktop | 05_11_j |
| Hitachi | Groupmax World Wide Web Desktop | 6 |
| Hitachi | Groupmax World Wide Web Desktop | 06_00 |
| Hitachi | Groupmax World Wide Web Desktop | 06_50_b |
| Hitachi | Groupmax World Wide Web Desktop | 06_50_c |
| Hitachi | Groupmax World Wide Web Desktop | 06_51 |
| Hitachi | Groupmax World Wide Web Desktop | 06_51_b |
| Hitachi | Groupmax World Wide Web Desktop | 06_51_c |
| Hitachi | Groupmax World Wide Web Desktop | 06_52 |
| Hitachi | Groupmax World Wide Web Desktop | 06_52_b |
| Hitachi | Groupmax World Wide Web Desktop | gold |
References
- http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.htmlPatch, Vendor Advisory
- http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.htmlPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-2493?
Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.
How severe is CVE-2004-2493?
Severity scoring for CVE-2004-2493 is pending analysis. The EPSS model estimates a 1.31% probability of exploitation in the next 30 days.
How do I fix CVE-2004-2493?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2004-2493?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST