High severity8.3NVD Advisory· Published Jan 2, 2018· Updated Jun 17, 2026

CVE-2017-1000438

Description

In OMERO 5.3.3 or earlier a user could create an OriginalFile and adjust its path such that it now points to another user's file on the underlying filesystem, then manipulate the user's data.

Affected products

Ome/Omeroinferred
Range: <=5.3.3
OMERO/OMEROllm-create
Range: <=5.3.3
Open Microscopy Environment/OMERO.webllm-fuzzy
Range: <=5.3.3

Patches

Vulnerability mechanics

References

www.openmicroscopy.org/security/advisories/2017-SV5-filename-2/nvdMitigationVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.540
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000