CVE-2014-2933

Name of the Vulnerable Software and Affected Versions Caldera version 9.20

Description A directory traversal issue exists, allowing remote attackers to access arbitrary directories by providing a crafted pathname in dirmng/index.php.

Recommendations For Caldera version 9.20, update the dirmng/index.php file to properly sanitize and validate user-inputted pathnames to prevent directory traversal attacks. As a temporary workaround, consider restricting access to the dirmng/index.php file until a patch is available.