Directory traversal

2016-09-2604:59:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

43.0%

JSON

Directory traversal vulnerability in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a … (dot dot) in a URL.

CPENameOperatorVersion
spectrum_controleq5.2.9
spectrum_controleq5.2.8
spectrum_controleq5.2.10.1
spectrum_controleq5.2.10
tivoli_storage_productivity_centereq5.2.4.1
tivoli_storage_productivity_centereq5.2.7.1
tivoli_storage_productivity_centereq5.2.0
tivoli_storage_productivity_centereq5.2.4
tivoli_storage_productivity_centereq5.2.7
tivoli_storage_productivity_centereq5.2.2

Name	Operator	Version
spectrum_control	eq	5.2.9
spectrum_control	eq	5.2.8
spectrum_control	eq	5.2.10.1
spectrum_control	eq	5.2.10
tivoli_storage_productivity_center	eq	5.2.4.1
tivoli_storage_productivity_center	eq	5.2.7.1
tivoli_storage_productivity_center	eq	5.2.0
tivoli_storage_productivity_center	eq	5.2.4
tivoli_storage_productivity_center	eq	5.2.7
tivoli_storage_productivity_center	eq	5.2.2