CVE-2018-10207
MEDIUMVaultize Enterprise File Sharing <17.05.31 - Info Disclosure
Title source: llmDescription
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format.
References (2)
Core 2
Core References
Various Sources
https://cds.thalesgroup.com/en/tcs-cert/CVE-2018-10207
Third Party Advisory
https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10207/
Scores
CVSS v3
5.3
EPSS
0.0106
EPSS Percentile
60.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-862
Status
published
Products (1)
vaultize/enterprise_file_sharing
17.05.31
Published
Apr 25, 2018
Tracked Since
Feb 18, 2026