Security Advisory

CVE-2016-4314

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-02-16 18:00:00

Last updated 2024-08-06 00:25:14

Assigner certcc

State PUBLISHED

Description

Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the logFile parameter to downloadgz-ajaxprocessor.jsp.

← Browse all CVEs View on cve.org ↗