CVE-2014-2210 – CA ERwin Web Portal MIMM ProfileIconServlet Multiple Information Disclosure Vulnerabilities

https://notcve.org/view.php?id=CVE-2014-2210

03 Apr 2014 — Multiple directory traversal vulnerabilities in CA ERwin Web Portal 9.5 allow remote attackers to obtain sensitive information, bypass intended access restrictions, cause a denial of service, or possibly execute arbitrary code via unspecified vectors. Múltiples vulnerabilidades de salto de directorio en el portal web de CA ERwin 9.5 permiten a atacantes remotos obtener información sensible, evadir restricciones de acceso, causar una denegación de servicio o posiblemente ejecutar código arbitrario a través d... • http://www.securityfocus.com/bid/66644 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •