Summary
Vordel Gateway is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
A remote attacker could exploit this vulnerability using directory- traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.
Vordel Gateway 6.0.3 is vulnerable
other versions may also be
affected.
Solution
Reportedly, the issue is fixed
however, Symantec has not confirmed
this. Please contact the vendor for more information.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Tomcat SecurityConstraints Security Bypass Vulnerability
- Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
- 7Media Web Solutions EduTrac Directory Traversal Vulnerability
- Apache Solr XML External Entity(XXE) Vulnerability-01 Jan-14