CVE-2014-5359
SafeNet Authentication Service Outlook Web Access Agent < 1.03.20212 - Path Traversal via GetFile Parameter
Title source: llmDescription
Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (formerly CRYPTOCard) before 1.03.30109 allows remote attackers to read arbitrary files via a .. (dot dot) in the GetFile parameter to owa/owa.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
http://www.safenet-inc.com/technical-support/security-updates/
Exploit x_refsource_misc
http://appcheck-ng.com/safenet-sas-owa-agent-directory-traversal-vulnerability/
Scores
EPSS
0.0385
EPSS Percentile
88.9%
Details
CWE
CWE-22
Status
published
Products (1)
safenet-inc/safenet_authentication_service_outlook_web_access_agent
< 1.03.20212
Published
Dec 16, 2014
Tracked Since
Feb 18, 2026