Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiRgodZDI-16-607
HistoryNov 09, 2016 - 12:00 a.m.

CA Unified Infrastructure Management diag Path Traversal Information Disclosure Vulnerability

2016-11-0900:00:00
rgod
www.zerodayinitiative.com
12

EPSS

0.032

Percentile

91.3%

JSON

This vulnerability allows remote attackers to disclose sensitive information from vulnerable installations of CA Unified Infrastructure Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the diag.jsp servlet. The servlet is vulnerable to directory traversal and can be used to exfiltrate sensitive system files from the system.

Related

cvelist 1
prion 1
cve 1
nvd 1
openvas 1
nessus 1
cvelist
cvelist
CVE-2016-9164
2017-03-07 15:00:00
prion
prion
Directory traversal
2017-03-07 15:59:00
cve
cve
CVE-2016-9164
2017-03-07 15:59:00
nvd
nvd
CVE-2016-9164
2017-03-07 15:59:00
openvas
openvas
CA Unified Infrastructure Management (UIM) Multiple Vulnerabilities
2016-11-11 00:00:00
nessus
nessus
CA Unified Infrastructure Management < 8.4 SP2 Multiple Information Disclosure Vulnerabilities (CA20161109-01)
2016-12-09 00:00:00

EPSS

0.032

Percentile

91.3%

JSON
Related for ZDI-16-607
cvelist1prion1cve1nvd1openvas1nessus1