EMC VMAX3 VASA Provider UploadConfigurator Directory Traversal (CVE-2017-4997)
A directory traversal vulnerability exists in the EMC VMAX3 VASA Provider Virtual Appliance. The issue results from the servlet UploadConfigurator serving files that have been uploaded by a user. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the...