PT-2021-19629 · Jump Ams · Jump Ams

Thomas Pianezzola · Published 2021-08-03 · Updated 2021-08-12 · CVE-2021-32017

CVSS v3.1: 9.9 (Critical)
Vector: AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N
Name of the Vulnerable Software and Affected Versions: JUMP AMS version 3.6.0.04.009-2487
Description: An issue was discovered in JUMP AMS where a JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, including all directories and files.
Recommendations: For JUMP AMS version 3.6.0.04.009-2487, consider restricting access to the JUMP SOAP endpoint to minimize the risk of exploitation. As a temporary workaround, disabling the endpoint until a patch is available can help mitigate the issue.

Related Identifiers

CVE-2021-32017

Affected Products

Jump Ams