How severe is CVE-2024-33620?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2024-33620?

This is classified as CWE-36, which is a common weakness in software security.

CVE-2024-33620

HIGH Year: 2024

CVSS v3 Score

8.6

High

Weakness Type

CWE-36

View all →

Vulnerability Description

Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote attacker.

CVE-2024-48248

HIGH

CVSS:8.6(High)

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because P...

CWE-362024

CVE-2022-20958

HIGH

CVSS:8.8(High)

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an unauthenticated, remote attacker to perform a server-side request forgery (SSRF) attack o...

CWE-362022

CVE-2023-40597

HIGH

CVSS:8.8(High)

In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk.

CWE-362023

CVE-2023-5022

HIGH

CVSS:8.8(High)

A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /include/dialog/select_templets_post.php. The...

CWE-362023