{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T21:25:54.720","vulnerabilities":[{"cve":{"id":"CVE-2019-17327","sourceIdentifier":"vuln@krcert.or.kr","published":"2019-11-08T18:15:13.467","lastModified":"2024-11-21T04:32:05.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"JEUS 7 Fix#0~5 and JEUS 8Fix#0~1 versions contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file."},{"lang":"es","value":"Las versiones JEUS 7 Fix#0~5 y JEUS 8 Fix#0~1, contienen una vulnerabilidad de salto de directorio causada por una comprobación inapropiada de los parámetros de entrada cuando se actualiza el archivo de instalación en la página web de administración. Esto conlleva al atacante remoto a ejecutar código arbitrario por medio del archivo cargado."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tmaxsoft:jeus:7:fix_0:*:*:*:*:*:*","matchCriteriaId":"30A1BF9A-C29E-420A-AF80-E6AAB1F54D91"},{"vulnerable":true,"criteria":"cpe:2.3:a:tmaxsoft:jeus:7:fix_5:*:*:*:*:*:*","matchCriteriaId":"3EAD3E3A-BD44-4A40-B338-E2A0B73A11EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:tmaxsoft:jeus:8:fix_0:*:*:*:*:*:*","matchCriteriaId":"F1B87C92-273A-43E5-AF78-E2E5F92AA4ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:tmaxsoft:jeus:8:fix_1:*:*:*:*:*:*","matchCriteriaId":"394242F2-D8AF-420C-AFEC-C350F083B2E9"}]}]}],"references":[{"url":"https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35197","source":"vuln@krcert.or.kr","tags":["Patch","Third Party Advisory"]},{"url":"https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35197","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}