=====================================================================

                             CERT-Renater

                 Note d'Information No. 2021/VULN408
_____________________________________________________________________

DATE                : 19/08/2021

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Apache ServiceComb ServiceCenter
                              versions prior to 2.0.0.

=====================================================================
https://lists.apache.org/thread.html/r337be65e504eac52a12e89d7de40345e5d335deee9dd7288f7f59b81@%3Cannounce.apache.org%3E
_____________________________________________________________________


Severity: low

Description:

Improper configuration will cause ServiceComb ServiceCenter Directory
Traversal problem in ServcieCenter 1.x.x versions. This issue was
fixed in ServiceComb ServiceCenter 2.0.0.

References:
https://github.com/apache/servicecomb-service-center/pull/788


=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================