ACN-CVEs/CVE-2024-48735

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-48735 ↗	Oct 30, 2024Wednesday, 30 October 2024, 21:15	7.7 HIGH	—
Directory Traversal in /SASStudio/sasexec/sessions/{sessionID}/workspace/{InternalPath} in SAS Studio 9.4 allows remote attacker to access internal files by manipulating default path during file download. NOTE: this is disputed by the vendor because these filesystem paths are allowed for authorized users.