5 matches found
CVE-2023-38012
IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...
CVE-2023-38012
creationtimestamp| type| source ---|---|--- 2025-01-25 13:54:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113889329982951130 2025-01-25 14:05:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3078 2025-01-25 17:06:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3100...
CVE-2023-38012 IBM Cloud Pak System directory traversal
IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...
CVE-2023-38012
CVE-2023-38012 affects IBM Cloud Pak System versions 2.3.3.6–2.3.4.0. A path traversal flaw allows a remote attacker to view arbitrary system files by crafting URL requests containing "dot dot" sequences (/../). IBM and CVE records cite the impact as directory traversal with CVSS v3.1 base score ...
CVE-2023-38012 IBM Cloud Pak System directory traversal
IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...