CVE-2011-4404
CVE-2011-4404 concerns a directory-traversal vulnerability in Jetty’s HTTP server used by VMware vCenter Update Manager (VMware vSphere Update Manager) where the default Jetty config permits remote attackers to read arbitrary files via directory traversal. Affected are vUM 4.0.x (before Update 4)...