CVE Details
Basic Information
| Title |
JeeWMS File filedeal.do filedeal access control |
| Type |
cve |
| Published |
2025-05-31T19:00:08.306Z |
| Last Seen |
|
Product Information
| Vendor |
n/a |
| Product |
JeeWMS |
| Version |
20250504 |
CVSS Information
| Base Score |
5.3 (MEDIUM) |
| Attack Vector |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A critical vulnerability in JeeWMS allows remote attackers to bypass access controls via the /systemController/filedeal.do endpoint, potentially leading to unauthorized access and manipulation of files. |
| AI Severity |
Medium |
| Vendor |
JeeWMS |
| Product |
JeeWMS |
| Affected Version |
Up to 20250504 |
Additional Information
| CVE List |
|
| CWE List |
CWE-284, CWE-266 |
| Bulletin Family |
|
| Source Data |
n/a JeeWMS 20250504 |
Source Information
| Source Data |
n/a JeeWMS 20250504 |
| Source Link |
|
Description
A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedeal of the file /systemController/filedeal.do of the component File Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
CVSS Score Summary
View Full CVE Details
