Remote File Exposure in VMware Identity Manager and vRealize Automation
CVE-2016-5334
5.3MEDIUM
Key Information:
- Vendor
Vmware
- Vendor
- CVE Published:
- 29 December 2016
What is CVE-2016-5334?
VMware Identity Manager and vRealize Automation contain a vulnerability that allows remote attackers to access sensitive files, specifically within the /SAAS/WEB-INF and /SAAS/META-INF directories. This inadvertent exposure can enable attackers to gain insights into the application's backend configurations and sensitive information, potentially leading to further exploitation. It is important for users of these products to implement mitigations and ensure they are running the latest versions to protect against this vulnerability.