CVE-2014-0918

Sažetak

Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to read arbitrary files via a crafted URL.

Reference

http://www.securityfocus.com/bid/67340
http://www-01.ibm.com/support/docview.wss?uid=swg1PI14125
http://www-01.ibm.com/support/docview.wss?uid=swg21670753
https://exchange.xforce.ibmcloud.com/vulnerabilities/91980

CVSS

Base:	7.1
Impact:	6.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:34

Objavljeno

16-05-2014 - 11:12