Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CA Unified Infrastructure Management 目录遍历漏洞
Vulnerability Description
CA Unified Infrastructure Management(CA UIM,前称CA Nimsoft Monitor)是美国CA公司的一套统一的信息监控解决方案。该方案通过使用统一视图和后端架构来降低管理多个复杂IT监视工具的成本和复杂性。 CA UIM 8.4 Service Pack 1及之前的版本中存在目录遍历漏洞,该漏洞源于程序没有充分过滤用户提交的输入。远程攻击者可通过发送特制的请求利用该漏洞检索敏感的信息,执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A