An issue was discovered in SquaredUp for SCOM 5.2.1.6654. The Download Log feature in System / Maintenance was susceptible to a local file inclusion vulnerability (when processing remote input in the log files downloaded by an authenticated administrator user), leading to the ability to read arbitrary files on the server filesystems.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-07T12:54:16
Updated: 2024-08-04T02:27:31.492Z
Reserved: 2021-08-25T00:00:00
Link: CVE-2021-40095
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-12-07T13:15:07.797
Modified: 2024-11-21T06:23:32.873
Link: CVE-2021-40095
Redhat
No data.