CVE-2016-5803

Summary

An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

Affected Software

VendorProductVersion RangeStatus
n/aCA Unified Infrastructure Management 8.47 and earlierCA Unified Infrastructure Management 8.47 and earlieraffected

Weaknesses

  • CA Unified Infrastructure Management Directory Traversal Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References