Security Advisory

CVE-2020-5804

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-08 15:12:54

Last updated 2024-08-04 08:39:25

Assigner tenable

State PUBLISHED

Description

Marvell QConvergeConsole GUI <= 5.5.0.74 is affected by a path traversal vulnerability. The deleteEventLogFile method of the GWTTestServiceImpl class lacks proper validation of a user-supplied path prior to using it in file deletion operations. An authenticated, remote attacker can leverage this vulnerability to delete arbitrary remote files as SYSTEM or root.

← Browse all CVEs View on cve.org ↗