Short Name |
HTTP:DIR:CA-ERWIN-WEB-PORTAL |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
CA ERwin Web Portal Directory Traversal |
Release Date |
2014/05/08 |
Update Number |
2372 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in CA ERwin Web Portal. This vulnerability is due to lack of authentication and insufficient input validation when processing HTTP requests. By sending crafted HTTP requests to the target system, a remote unauthenticated attacker can leverage this vulnerability to delete arbitrary files recursively on a target system.
Multiple directory traversal vulnerabilities in CA ERwin Web Portal 9.5 allow remote attackers to obtain sensitive information, bypass intended access restrictions, cause a denial of service, or possibly execute arbitrary code via unspecified vectors.