Vulnerability Description
An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure.
CVSS Score
7.5
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Advantech | Susiaccess | <= 3.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/94629Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04MitigationThird Party AdvisoryUS Government Resource
- https://www.exploit-db.com/exploits/42401/
- https://www.exploit-db.com/exploits/42402/
- http://www.securityfocus.com/bid/94629Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04MitigationThird Party AdvisoryUS Government Resource
- https://www.exploit-db.com/exploits/42401/
- https://www.exploit-db.com/exploits/42402/
FAQ
What is CVE-2016-9349?
CVE-2016-9349 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure.
How severe is CVE-2016-9349?
CVE-2016-9349 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-9349?
Check the references section above for vendor advisories and patch information. Affected products include: Advantech Susiaccess.