vendor:
JetAdmin Web Interface Server
by:
5
CVSS
MEDIUM
Directory Traversal
22
CWE
Product Name: JetAdmin Web Interface Server
Affected Version From:
Affected Version To:
Patch Exists: YES
Related CWE: CVE-2000-0814
CPE: a:hp:jetadmin_web_interface_server
Platforms Tested:
JetAdmin Web Interface Server Directory Traversal Vulnerability
By requesting a specially formed URL which includes "../" it is possible for a remote user to gain read-access to any files outside of the web-published directory.
Mitigation:
The vendor has released a patch to address this vulnerability. It is recommended to update to the latest version of JetAdmin Web Interface Server.
