Kurmi Virtual Roadshow: Zoom through Your Zoom Provisioning with Kurmi - Watch On-Demand

Kurmi Software

Unified Communication - Automate & Simplify the management

CVE-2024-54453:

Description

  • An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15.
  • A path traversal vulnerability in the DocServlet servlet allows remote attackers to retrieve any file from the Kurmi web application installation folder, e.g., files such as the obfuscated and/or compiled Kurmi source code.

Vulnerability Type

  • Directory Traversal