1 results (0.005 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

MicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal. MicroStrategy Enterprise Manager versión 2022, permite omitir la autenticación al provocar un fallo en el inicio de sesión y luego introducir la subcadena Uid=/../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login para un salto de directorio • https://github.com/haxpunk1337/Microstrategy-Poc/blob/main/poc • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •