CVE-2019-18338

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context.

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains a directory traversal vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker with network access to the CCS server could exploit this vulnerability to list arbitrary directories or read files outside of the CCS application context.

Se ha identificado una vulnerabilidad en Control Center Server (CCS) (Todas las versiones anteriores a V1.5.0). El Servidor de Control Center (CCS) contiene una vulnerabilidad de traspaso de directorios en su protocolo de comunicación basado en XML proporcionado por defecto en los puertos 5444/tcp y 5440/tcp. Un atacante remoto autentificado con acceso a la red del servidor CCS podría explotar esta vulnerabilidad para listar directorios arbitrarios o leer archivos fuera del contexto de la aplicación CCS