HTTP: CA ERwin Web Portal Directory Traversal
This signature detects attempts to exploit a known vulnerability in CA ERwin Web Portal. This vulnerability is due to lack of authentication and insufficient input validation when processing HTTP requests. By sending crafted HTTP requests to the target system, a remote unauthenticated attacker can leverage this vulnerability to delete arbitrary files recursively on a target system.
Extended Description
Multiple directory traversal vulnerabilities in CA ERwin Web Portal 9.5 allow remote attackers to obtain sensitive information, bypass intended access restrictions, cause a denial of service, or possibly execute arbitrary code via unspecified vectors.
Affected Products
Ca erwin_web_portal
Short Name
HTTP:DIR:CA-ERWIN-WEB-PORTAL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CA CVE-2014-2210 Directory ERwin Portal Traversal Web bid:66644
Release Date
05/09/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Ca
CVSS Score
7.5