The web application exposes files to the client. Some of these files are not essential for the working of the application. Furthermore, these files expose details of the inner working of the application. This information can aid in exploiting other vulnerabilities.
Some technical information about the application can be obtained.
YES: KSP-RE-266 v1.0
The following steps can be used to exploit this vulnerability:
1. Browse to the following URL: https://<NetOps Portal>:8443/pc/extjs/
2. The ExtJS default interface is shown. The /examples/ endpoint is not available, denying further exploitation of this component.
Release : 3.7
Component : CA DATABASE COMMAND CENTER
Renaming / deleting / moving the index.html will fix this bug.
By doing this, it will not have any impact on the existing product functionality:
1.mv /opt/CA/PerformanceCenter/PC/webapps/pc/extjs/index.html /opt/CA/PerformanceCenter/PC/webapps/pc/extjs/index.bak
2.mv /opt/CA/PerformanceCenter/PC/webapps/pc/extjs/index.html /tmp