Bradford CampusManager v3.1(6) Sensitive Data Disclosure

Bradford CampusManager v3.1(6) Sensitive Data Disclosure

The following directories should be protected from world readability. Child folders include backup, log, and configuration files.

http://cmnms.target.com:8080/runTime/
http://cmnms.target.com:8080/remediationReports/

Vulnerable: CampusManager Network Control Application Server v3.1(6) (others should also be affected)

John Martinelli
john (at) martinelli (dot) com [email concealed]
http://john-martinelli.com

May 3rd, 2007