IBM: Security Vulnerabilities, CVEs (Directory traversal), CVSS score >= 7
IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view or modify files on the system. IBM X-Force ID: 271196.
Max CVSS
9.1
EPSS Score
0.08%
Published
2023-12-20
Updated
2023-12-22
IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to view arbitrary files on the system. IBM X-Force ID: 269536.
Max CVSS
7.5
EPSS Score
0.08%
Published
2023-12-18
Updated
2023-12-22
IBM License Metric Tool 9.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 266893.
Max CVSS
7.5
EPSS Score
0.08%
Published
2023-09-28
Updated
2023-10-03
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 260575.
Max CVSS
8.1
EPSS Score
0.07%
Published
2024-02-02
Updated
2024-02-09
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 246333.
Max CVSS
7.5
EPSS Score
0.13%
Published
2023-02-17
Updated
2023-02-28
IBM Business Automation Workflow 22.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 239427.
Max CVSS
7.5
EPSS Score
0.14%
Published
2023-01-26
Updated
2023-02-01
IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the operator should not have access to. IBM X-Force ID: 235873.
Max CVSS
7.5
EPSS Score
0.10%
Published
2022-09-19
Updated
2022-09-21
IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 228582.
Max CVSS
7.5
EPSS Score
0.06%
Published
2023-10-14
Updated
2023-10-18
IBM Security Directory Server 7.2.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view or write to arbitrary files on the system. IBM X-Force ID: 228579.
Max CVSS
9.1
EPSS Score
0.08%
Published
2023-09-08
Updated
2023-09-12
IBM Host firmware for LC-class Systems could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request that would allow them to delete arbitrary files on the system. IBM X-Force ID: 200558.
Max CVSS
8.5
EPSS Score
0.13%
Published
2021-05-25
Updated
2021-06-01
IBM WebSphere Application Server Network Deployment 8.5 and 9.0 could allow a remote authenticated attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to read and delete arbitrary files on the system. IBM X-Force ID: 198435.
Max CVSS
8.8
EPSS Score
0.21%
Published
2021-06-07
Updated
2021-06-10
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883.
Max CVSS
7.8
EPSS Score
0.23%
Published
2021-02-18
Updated
2021-02-22
IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 192953.
Max CVSS
7.5
EPSS Score
0.12%
Published
2023-03-01
Updated
2023-03-10
A path traversal vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted file path in a URL request to view arbitrary files on the system. IBM X-Force ID: 189154.
Max CVSS
7.5
EPSS Score
0.23%
Published
2020-10-12
Updated
2020-10-19
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted request specifying a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 175898.
Max CVSS
8.8
EPSS Score
4.46%
Published
2020-04-15
Updated
2022-04-18
IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 163681.
Max CVSS
7.5
EPSS Score
0.43%
Published
2019-08-20
Updated
2022-12-02
IBM Maximo Asset Management 7.6 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162887.
Max CVSS
7.5
EPSS Score
0.43%
Published
2019-07-17
Updated
2022-12-03
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 159883.
Max CVSS
7.5
EPSS Score
0.43%
Published
2019-06-27
Updated
2023-02-03
IBM Cognos Analytics 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to write or view arbitrary files on the system. IBM X-Force ID: 158919.
Max CVSS
9.1
EPSS Score
0.26%
Published
2019-04-15
Updated
2019-05-09
IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and 5.3.3.0 is vulnerable to a "zip slip" vulnerability which could allow a remote attacker to execute code using directory traversal techniques. IBM X-Force ID: 151970.
Max CVSS
7.8
EPSS Score
0.54%
Published
2018-11-12
Updated
2019-10-09
IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 148423.
Max CVSS
7.7
EPSS Score
0.11%
Published
2018-10-15
Updated
2019-10-09
The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882.
Max CVSS
7.4
EPSS Score
0.20%
Published
2018-08-20
Updated
2019-10-09
IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 144655.
Max CVSS
7.7
EPSS Score
0.11%
Published
2018-10-05
Updated
2019-10-09
IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 144343.
Max CVSS
7.7
EPSS Score
0.17%
Published
2019-04-02
Updated
2019-10-09
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 133638.
Max CVSS
7.5
EPSS Score
0.18%
Published
2018-01-09
Updated
2018-01-31