Vulnerability Details CVE-2022-38129
A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.227
EPSS Ranking 95.6%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2022-38129
-
cpe:2.3:a:keysight:sensor_management_server:2.4.0