CVE-2014-6155

Sažetak

Multiple directory traversal vulnerabilities in the ServiceRegistry UI in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allow remote authenticated users to read arbitrary files via unspecified vectors.

Reference

http://secunia.com/advisories/61805
http://www.ibm.com/support/docview.wss?uid=swg21693384
http://www.ibm.com/support/docview.wss?uid=swg21693387
http://www.ibm.com/support/docview.wss?uid=swg21693389
http://www-01.ibm.com/support/docview.wss?uid=swg1IV63585
https://exchange.xforce.ibmcloud.com/vulnerabilities/97678

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

08-09-2017 - 01:29

Objavljeno

24-12-2014 - 11:59