Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Symantec Management Console ITMS 路径遍历漏洞
Vulnerability Description
Symantec Management Console是美国赛门铁克(Symantec)公司的一套管理控制台程序。该程序用于管理Symantec Management Platform和其他Symantec解决方案的基于Web的用户界面。 Symantec Management Console ITMS 8.1 RU4之前的版本中存在目录遍历漏洞,该漏洞源于程序没有正确的过滤用户提交的输入。攻击者可通过发送带有‘../’的特制请求利用该漏洞检索受影响系统上的任意文件。
CVSS Information
N/A
Vulnerability Type
N/A