2 matches found
Directory traversal
Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter to log...
CVE-2014-0115
The CVE-2014-0115 entry describes a directory traversal vulnerability in the log viewer of Apache Storm 0.9.0.1. An attacker can use a .. sequence in the log file parameter to read arbitrary files, potentially exposing sensitive data. The connected sources reiterate this flaw (path traversal in A...