2 matches found
CVE-2018-1744
CVE-2018-1744 affects IBM Security Key Lifecycle Manager (SKLM) 2.5–3.0 and enables a remote attacker to traverse directories via crafted URLs containing dot-dot sequences (/../), allowing viewing of arbitrary files. The IBM bulletin lists affected SKLM versions 2.5 (up to 2.5.0.9), 2.6 (up to 2....
Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Path Traversal (CVE-2018-1744)
Summary IBM Security Key Lifecycle Manager could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. Vulnerability Details CVEID: CVE-2018-1744 DESCRIPTION:...