Lucene search

K
cve[email protected]CVE-2016-5946
HistorySep 26, 2016 - 4:59 a.m.

CVE-2016-5946

2016-09-2604:59:18
CWE-200
web.nvd.nist.gov
20
ibm spectrum control
vulnerability
directory traversal
security
nvd
cve-2016-5946

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.9 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

42.9%

Directory traversal vulnerability in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a … (dot dot) in a URL.

Affected configurations

NVD
Node
ibmspectrum_controlMatch5.2.8
OR
ibmspectrum_controlMatch5.2.9
OR
ibmspectrum_controlMatch5.2.10
OR
ibmspectrum_controlMatch5.2.10.1
Node
ibmtivoli_storage_productivity_centerMatch5.2.0
OR
ibmtivoli_storage_productivity_centerMatch5.2.1
OR
ibmtivoli_storage_productivity_centerMatch5.2.1.1
OR
ibmtivoli_storage_productivity_centerMatch5.2.2
OR
ibmtivoli_storage_productivity_centerMatch5.2.3
OR
ibmtivoli_storage_productivity_centerMatch5.2.4
OR
ibmtivoli_storage_productivity_centerMatch5.2.4.1
OR
ibmtivoli_storage_productivity_centerMatch5.2.5
OR
ibmtivoli_storage_productivity_centerMatch5.2.5.1
OR
ibmtivoli_storage_productivity_centerMatch5.2.6
OR
ibmtivoli_storage_productivity_centerMatch5.2.7
OR
ibmtivoli_storage_productivity_centerMatch5.2.7.1

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.9 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

42.9%

Related for CVE-2016-5946