An issue was discovered in JUMP AMS 3.6.0.04.009-2487. The JUMP SOAP API was vulnerable to arbitrary file reading due to an improper limitation of file loading on the server filesystem, aka directory traversal.
Metrics
CVSS Version: 3.1 |
Base Score: 8.5 HIGH Vector: CVSS:3.1/AC:L/AV:N/A:L/C:H/I:N/PR:L/S:C/UI:N