Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via Directory Traversal. By manipulating the resource name in GET requests referring to files with absolute paths, it is possible to access arbitrary files stored on the filesystem, including application source code, configuration files, and critical system files.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
Veritas InfoScale Operations Manager路径遍历漏洞
Vulnerability Description
Veritas Infoscale Operations Manager是美国Veritas公司的一套用于对整个InfoScale部署进行管理的软件。该软件提供多集群管理、定制接口和集中式审计记录等功能。 Veritas InfoScale Operations Manager 7.4.2 Patch 600和8.0.0Patch 100之前版本存在安全漏洞,该漏洞源于web服务器admin/cgi-bin/rulemgr.pl/getfile/ 中的数据缺少有效的过滤与转义,允许远程认证的管理员通过目录
CVSS Information
N/A
Vulnerability Type
N/A