CVE-2014-2536
https://notcve.org/view.php?id=CVE-2014-2536
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows remote authenticated users to read an unspecified file containing a hash of the administrator password via unknown vectors. Vulnerabilidad de salto de directorio en McAfee Cloud Identity Manager 3.0, 3.1 y 3.5.1, McAfee Cloud Single Sign On (MCSSO) anterior a 4.0.1 e Intel Expressway Cloud Access 360-SSO 2.1 y 2.5 permite a usuarios remotos autenticados leer un archivo no especificado que contiene un hash de la contraseña de administrador a través de vectores desconocidos. • http://secunia.com/advisories/57368 http://secunia.com/advisories/57381 http://www.securityfocus.com/bid/66181 https://kc.mcafee.com/corporate/index?page=content&id=SB10066 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •