Описание
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.
Дополнительная информация
Статус:
Critical
Дефект:
CWE-22
https://bugzilla.redhat.com/show_bug.cgi?id=2390826Securden-Unified-PAM: Securden Unified PAM Path Traversal In File Upload
EPSS
Процентиль: 74%
0.00839
Низкий
Связанные уязвимости
CVSS3: 9.4
nvd
4 месяца назад
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.
CVSS3: 9.4
github
4 месяца назад
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.
EPSS
Процентиль: 74%
0.00839
Низкий