Описание
In versions prior to 5.5, LXCI for VMware allows an authenticated user to download any system file due to insufficient input sanitization during file downloads.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.5 (исключая)
cpe:2.3:a:lenovo:xclarity_integrator:*:*:*:*:*:vcenter:*:*
EPSS
Процентиль: 54%
0.00311
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
In versions prior to 5.5, LXCI for VMware allows an authenticated user to download any system file due to insufficient input sanitization during file downloads.
EPSS
Процентиль: 54%
0.00311
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-20