CVE-2018-10207

MEDIUM

Vaultize Enterprise File Sharing <17.05.31 - Info Disclosure

Title source: llm
STIX 2.1

Description

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format.

Scores

CVSS v3 5.3
EPSS 0.0106
EPSS Percentile 60.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-862
Status published
Products (1)
vaultize/enterprise_file_sharing 17.05.31
Published Apr 25, 2018
Tracked Since Feb 18, 2026