Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Directory Traversal Write/Delete/Partial Read at AgentConfigurationServlet
Vulnerability Description
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be injected.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Aternity SteelCentral AppInternals 路径遍历漏洞
Vulnerability Description
Aternity SteelCentral AppInternals是美国Aternity公司的一个监控现代自动化解决方案。提供应用程序性能监控 (APM) 和诊断。 Aternity SteelCentral AppInternals Dynamic Sampling Agent(DSA) AgentConfigurationServlet存在安全漏洞,该漏洞允许注入恶意负载的用户输入的输入验证。
CVSS Information
N/A
Vulnerability Type
N/A