Lucene search
RgodZDI-16-605HistoryNov 09, 2016 - 12:00 a.m.
CA Unified Infrastructure Management download_lar Directory Traversal Information Disclosure Vulnerability
2016-11-0900:00:00
rgod
www.zerodayinitiative.com
12
0.257 Low
EPSS
Percentile
96.7%
This vulnerability allows remote attackers to disclose sensitive information from vulnerable installations of CA Unified Infrastructure Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the download_lar servlet. The servlet is vulnerable to directory traversal and can be used to exfiltrate sensitive system files from the system.
Related
prion
prion
Design/Logic Flaw
2017-02-13 21:59:00
cvelist
cvelist
CVE-2016-5803
2017-02-13 21:00:00
nvd
nvd
CVE-2016-5803
2017-02-13 21:59:00
ics
ics
cve
cve
CVE-2016-5803
2017-02-13 21:59:00
openvas
openvas
CA Unified Infrastructure Management (UIM) Multiple Vulnerabilities
2016-11-11 00:00:00
nessus
nessus