Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager (TSM) in Rocket ServerGraph 1.2 allows remote attackers to (1) create arbitrary files via a .. (dot dot) in the query parameter in a writeDataFile action to the fileRequestor servlet, execute arbitrary files via a .. (dot dot) in the query parameter in a (2) run or (3) runClear action to the fileRequestor servlet, (4) read arbitrary files via a readDataFile action to the fileRequestor servlet, (5) execute arbitrary code via a save_server_groups action to the userRequest servlet, or (6) delete arbitrary files via a del action in the fileRequestServlet servlet.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Rocket Servergraph 目录遍历漏洞
Vulnerability Description
Rocket ServerGraph是美国Rocket公司的一套企业级基于Web的用于数据备份和数据恢复的图表自动化管理软件。该软件支持管理备份计划、监控存储设备的使用情况和负载等。 Rocket ServerGraph 1.2版本的Admin Center for Tivoli Storage Manager (TSM)的fileRequestor servlet中存在目录遍历漏洞。远程攻击者可通过readDataFile命令利用该漏洞读取任意文件;通过del命令利用该漏洞删除任意文件;通过run和ru
CVSS Information
N/A
Vulnerability Type
N/A