Security Advisory

CVE-2017-10949

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-08-04 15:00:00

Last updated 2024-09-16 23:15:55

Assigner zdi

State PUBLISHED

Description

Directory Traversal in Dell Storage Manager 2016 R2.1 causes Information Disclosure when the doGet method of the EmWebsiteServlet class doesnt properly validate user provided path before using it in file operations. Was ZDI-CAN-4459.

← Browse all CVEs View on cve.org ↗