Security Advisory

CVE-2020-12251

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-29 13:02:36
Last updated 2024-08-04 11:48:58
Assigner mitre
State PUBLISHED

Description

An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an authenticated user to change the filename value (in the POST method) from the original filename to achieve directory traversal via a ../ sequence and, for example, obtain a complete directory listing of the machine.