An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as “…” that can resolve to a location that is outside of that directory.
CPE | Name | Operator | Version |
---|---|---|---|
unified_infrastructure_management | le | 8.47 |