CVE-2017-10949

Description

Directory traversal in Dell Storage Manager 2016 R2.1 causes information disclosure because the doGet method of the EmWebsiteServlet class doesn't properly validate a user-provided path before using it in file operations. Was ZDI-CAN-4459.

Risk Information

Base Score: 7.5 MODERATE
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score (Exploitation Probability): 18.011

Associated Vulnerability

Vulnerability | OS Platform
Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability (CVE-2017-10949) | NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234