CVE-2011-1654
Severity
7.5HIGH
EPSS
3.3%
top 12.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 18
Latest updateMay 13
Description
Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in the Management Server in CA Total Defense (TD) r12 before SE2 allows remote attackers to execute arbitrary code via directory traversal sequences in the GUID parameter in an upload request to FileUploadHandler.ashx.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4