CVE-2017-15607

CRITICAL

Inedo Otter < 1.7.4 - Path Traversal via Filesystem-Based Rafts

Title source: llm
STIX 2.1

Description

Inedo Otter before 1.7.4 has directory traversal in filesystem-based rafts via vectors involving '/' characters or initial '.' characters, aka OT-181.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://inedo.myjetbrains.com/youtrack/issue/OT-181
Vendor Advisory x_refsource_confirm
https://inedo.com/blog/otter-174-released

Scores

CVSS v3 9.8
EPSS 0.0172
EPSS Percentile 74.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
inedo/otter < 1.7.4
Published Dec 01, 2017
Tracked Since Feb 18, 2026