| |
Vulnerability CVE-2014-6154
Published: 2015-02-12 Modified: 2015-02-13
| Description: |
Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. (dot dot) in a URL. |
CVSS2 => (AV:N/AC:L/Au:N/C:C/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.8/10 |
6.9/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Complete |
None |
None |
References: |
http://www-01.ibm.com/support/docview.wss?uid=swg21696000
https://exchange.xforce.ibmcloud.com/vulnerabilities/97677
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
