A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
Link | Providers |
---|---|
https://www.tenable.com/security/research/tra-2022-28 |
![]() ![]() |
History
Wed, 27 Aug 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-24 | |
Metrics |
cvssV3_1
|
ssvc
|

Status: PUBLISHED
Assigner: tenable
Published:
Updated: 2025-08-27T18:48:52.261Z
Reserved: 2022-08-10T00:00:00.000Z
Link: CVE-2022-38129

Updated: 2024-08-03T10:45:52.818Z

Status : Analyzed
Published: 2022-08-10T20:16:06.560
Modified: 2025-09-24T19:43:39.413
Link: CVE-2022-38129

No data.

No data.