CVE-2017-1000438

Description

In OMERO 5.3.3 or earlier a user could create an OriginalFile and adjust its path such that it now points to another user's file on the underlying filesystem, then manipulate the user's data.

CVSS Version 3.0
CVSS Version 2.0

nvd
CVE ID: CVE-2017-1000438
Base Score: 8.3
Base Severity: HIGH
Vector String:CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

nvd
CVE ID: CVE-2017-1000438
Base Score: 6.5
Base Severity: MEDIUM
Vector String:AV:N/AC:L/Au:S/C:P/I:P/A:P

Refrence: NVD

Description​

Description