A Directory Traversal Vulnerability was identified in Oracle Enterprise Manager Application Testing Suite. The vulnerability can be exploited over the HTTP protocol. A remote, unauthenticated attacker can exploit this vulnerability to download arbitrary files from the target server.
This vulnerability affects the following supported versions:
- Oracle Application Testing Suite 220.127.116.11
- Oracle Application Testing Suite 18.104.22.168
The vulnerability has been patched by the vendor, please find the details here. (http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html)
This vulnerability is referred by CVE as CVE-2016-0484.
It is time to patch you Security Device to prevent this.
Have a good time.
(Be knowledgeable, pass it on then)