Intrusion Prevention



This indicates an attack attempt against a Directory Traversal vulnerability in CA Unified Infrastructure Management.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application while handling maliciously crafted requests to download_lar.jsp. A remote attacker can exploit this to download arbitrary file from the target server via a crafted request.

Affected Products

CA Unified Infrastructure Management prior to r8.4 SP2
CA Unified Infrastructure Management Snap prior to r8.4 SP2


Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

CVE References