Описание
Ericsson Mobile Switching Center Server (MSC-S) BC 18A and IS 3.1 releases before IS 3.1 CP22 allows Directory Traversal.
Ericsson Mobile Switching Center Server (MSC-S) BC 18A and IS 3.1 releases before IS 3.1 CP22 allows Directory Traversal.
Связанные уязвимости
CVSS3: 4.3
nvd
больше 2 лет назад
In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not intended to be accessible via the web application.