Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiRgodZDI-16-618
HistoryDec 13, 2016 - 12:00 a.m.

Attachmate Host Access Management and Security Server PassThru Information Disclosure Vulnerability

2016-12-1300:00:00
rgod
www.zerodayinitiative.com
10

0.136 Low

EPSS

Percentile

95.7%

JSON

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Attachmate Host Access Management and Security Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PassThru resource. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information under the context of the current process.

Related

nvd 1
cve 1
prion 1
cvelist 1
nvd
nvd
CVE-2016-5765
2016-11-29 11:59:00
cve
cve
CVE-2016-5765
2016-11-29 11:59:00
prion
prion
Directory traversal
2016-11-29 11:59:00
cvelist
cvelist
CVE-2016-5765
2016-11-29 11:00:00

0.136 Low

EPSS

Percentile

95.7%

JSON
Related for ZDI-16-618
nvd1cve1prion1cvelist1