CVE-2018-10207

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
vaultizeenterprise_file_sharing
17.05.31
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10207/
https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10207/