Vector Strings

Severity Score: 5.3
Severity: MEDIUM
Exploitability Score: 3.9
Impact Score: 1.4

Access Vector (AV):
Access Complexity (AC):
Authentication (AU): NONE
Confidentiality (C): LOW
Integrity (I): NONE
Availability (A): NONE

Published Date: 2021-04-02
Last Modified: 2021-04-08

CVE-2021-3374

About:
Directory traversal in RStudio Shiny Server before 1.5.16 allows attackers to read the application source code, involving an encoded slash.

References

https://github.com/colemanjp/shinyserver-directory-traversal-source-code-leak
https://blog.rstudio.com/2021/01/13/shiny-server-1-5-16-update/

Related CVEs

No related CVEs.

Empower Your Security Strategy with Rainforest

Discover vulnerabilities early, prioritize critical threats, and protect what truly matters. Rainforest streamlines your security operations, saving you time and reducing costs, so you can focus on what drives your business forward.

Book a Demo