First published: Sun Jul 25 2021(Updated: )
NCH IVM Attendant v5.12 and earlier allows path traversal via the logdeleteselected check0 parameter for file deletion.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Nchsoftware Ivm Attendant | <=5.12 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-37443 is a vulnerability in NCH IVM Attendant v5.12 and earlier that allows path traversal via the logdeleteselected check0 parameter for file deletion.
CVE-2021-37443 has a severity rating of 8.1 (High).
NCH IVM Attendant version 5.12 and earlier are affected by CVE-2021-37443.
The CWE for CVE-2021-37443 is CWE-22.
Update NCH IVM Attendant to a version later than 5.12 to fix CVE-2021-37443.