CVE-2006-7164

2022-10-0316:21:25

mitre

www.cve.org

cve-2006-7164

ibm websphere

simplefileservlet

security challenge

remote attackers

secure files

sensitive information

linux

unix

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.8%

JSON

SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5.0.2.7 on Linux and UNIX does not block certain invalid URIs and does not issue a security challenge, which allows remote attackers to read secure files and obtain sensitive information via certain requests.

References

www-1.ibm.com/support/docview.wss?uid=swg24013029