Backup Files Disclosure vulnerability in Security Analytics
search cancel

Backup Files Disclosure vulnerability in Security Analytics

book

Article ID: 381136

calendar_today

Updated On:

Products

Security Analytics

Issue/Introduction

This vulnerability states that someone could possibly retrieve file backups from the remote web server by appending various suffices to the names of various files on the remote host.  It seems possible to retrieve their contents, which may result in disclosure of sensitive information.

Resolution

Security analytics is not vulnerable to this particular issue. There might be a false positive because the appliance has certain urls that will return a 200 no matter what is at the end of it.  But the vulnerability as documented does not affect Security Analytics.