CVE-2024-41765

🗓️ 04 Jan 2025 14:36:13Reported by ibmType

IBM Engineering Lifecycle Optimization vulnerable to directory traversal via crafted URL requests.

Reporter	Title	Published	Views	Family All 8
IBM Security Bulletins	Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted	15 Apr 202503:30	–	ibm
Circl	CVE-2024-41765	4 Jan 202514:42	–	circl
CNNVD	IBM Engineering Lifecycle Optimization 路径遍历漏洞	4 Jan 202500:00	–	cnnvd
Cvelist	CVE-2024-41765 IBM Engineering Lifecycle Optimization - Publishing directory traversal	4 Jan 202514:36	–	cvelist
EUVD	EUVD-2024-38902	3 Oct 202520:07	–	euvd
NVD	CVE-2024-41765	4 Jan 202515:15	–	nvd
RedhatCVE	CVE-2024-41765	23 May 202506:57	–	redhatcve
Vulnrichment	CVE-2024-41765 IBM Engineering Lifecycle Optimization - Publishing directory traversal	4 Jan 202514:36	–	vulnrichment

NVD

Vulners

Node

ibm engineering_lifecycle_optimization_publishingMatch7.0.2-

ibm engineering_lifecycle_optimization_publishingMatch7.0.3-

AND

linux linux_kernelMatch-

microsoft windowsMatch-

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:7.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:7.0.3:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Engineering Lifecycle Optimization Publishing",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.2, 7.0.3"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7180201

21 Mar 2025 14:13Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.5

EPSS0.001

SSVC

CWE-22