Filtered by vendor Jump-technology
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32018 | 1 Jump-technology | 1 Asset Management | 2024-11-21 | 4.0 MEDIUM | 8.5 HIGH |
| An issue was discovered in JUMP AMS 3.6.0.04.009-2487. The JUMP SOAP API was vulnerable to arbitrary file reading due to an improper limitation of file loading on the server filesystem, aka directory traversal. | |||||
| CVE-2021-32017 | 1 Jump-technology | 1 Asset Management | 2024-11-21 | 4.0 MEDIUM | 9.9 CRITICAL |
| An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files. | |||||
| CVE-2021-32016 | 1 Jump-technology | 1 Asset Management | 2024-11-21 | 6.5 MEDIUM | 9.9 CRITICAL |
| An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the writing of arbitrary files to a user-controlled location on the remote filesystem (with user-controlled content) via directory traversal, potentially leading to remote code and command execution. | |||||