2 matches found
CVE-2019-4252
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 159883...
CVE-2019-4252
CVE-2019-4252 affects IBM Rational Collaborative Lifecycle Management and related Jazz-based products (CLM 6.0–6.0.6.1; including RTC/RQM/RRC and associated components). Root cause: directory traversal via crafted URL requests containing "/../" sequences, enabling a remote attacker to view arbitr...