A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.tenable.com/security/research/tra-2022-28 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: tenable
Published: 2022-08-10T16:04:27
Updated: 2024-08-03T10:45:52.818Z
Reserved: 2022-08-10T00:00:00
Link: CVE-2022-38129
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-08-10T20:16:06.560
Modified: 2022-08-15T16:13:15.710
Link: CVE-2022-38129
Redhat
No data.