CVE-2017-2240

MEDIUM

AssetView <9.2.0 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to read arbitrary files via "File Transfer Web Service".

References (2)

[Third Party Advisory] http://jvn.jp/en/vu/JVNVU93377948/index.html

[Patch, Vendor Advisory] https://www.hammock.jp/assetview/info/170714.html

Scores

CVSS v3 6.5

EPSS 0.0076

EPSS Percentile 73.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (2)

hammock/assetview

Hammock Corporation/AssetView for MacOS < Ver.9.2.0 and earlier versions

Published Jul 17, 2017

Tracked Since Feb 18, 2026