Information Disclosure: Remote File System Listing in JUMP AMS 3.6.0.04.009-2487

Information Disclosure: Remote File System Listing in JUMP AMS 3.6.0.04.009-2487

CVE-2021-32017 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files.

Learn more about our Cis Benchmark Audit For Server Software.