Bradford CampusManager Network Control Application Server 3.1(6) allows remote attackers to obtain sensitive information (backup, log, and configuration files) via direct request for certain files in (1) /runTime/ or (2) /remediationReports/.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Campusmanager_network_control_application_server | Bradford_networks | 3.1(6) (including) | 3.1(6) (including) |
References
- http://osvdb.org/35820
- http://secunia.com/advisories/25138
- http://securityreason.com/securityalert/2698
- http://www.john-martinelli.com/work/campusmanager.txt
- http://www.securityfocus.com/archive/1/467490/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34042
- http://osvdb.org/35820
- http://secunia.com/advisories/25138
- http://securityreason.com/securityalert/2698
- http://www.john-martinelli.com/work/campusmanager.txt
- http://www.securityfocus.com/archive/1/467490/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34042