|CVSS SCORE||7.8, (AV:N/AC:L/Au:N/C:C/I:N/A:N)|
Firewall Security Manager
The specific flaw exists within the FSMWebService service. The issue lies within the DownloadFileServlet servlet which fails to prevent directory traversal within all parameters. An attacker can leverage this vulnerability to retrieve arbitrary files as the SYSTEM user.
SolarWinds has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Andrea Micalizzi aka rgod