CVE-2014-6182

2014-12-1700:00:00

ibm

www.cve.org

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

49.1%

JSON

Directory traversal vulnerability in an export function in the Process Center in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to read arbitrary files via a … (dot dot) in a URL.

References

www-01.ibm.com/support/docview.wss?uid=swg1JR51234

www.ibm.com/support/docview.wss?uid=swg21692540

www.securitytracker.com/id/1031379

exchange.xforce.ibmcloud.com/vulnerabilities/98518