Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0918

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2014-0918
Last Modified 16 May 2014 10:53:37
Published 16 May 2014 07:12:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0918

Summary

Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to read arbitrary files via a crafted URL.

Vulnerable Systems

Application

  • Ibm Websphere Portal 6.1.0.0

  • Ibm Websphere Portal 6.1.0.1

  • Ibm Websphere Portal 6.1.0.2

  • Ibm Websphere Portal 6.1.0.3

  • Ibm Websphere Portal 6.1.0.4

  • Ibm Websphere Portal 6.1.0.5

  • Ibm Websphere Portal 6.1.0.6

  • Ibm Websphere Portal 6.1.5.0

  • Ibm Websphere Portal 6.1.5.1

  • Ibm Websphere Portal 6.1.5.2

  • Ibm Websphere Portal 6.1.5.3

  • Ibm Websphere Portal 7.0.0.0

  • Ibm Websphere Portal 7.0.0.1

  • Ibm Websphere Portal 7.0.0.2

  • Ibm Websphere Portal 8.0.0.0

  • Ibm Websphere Portal 8.0.0.1


References

XF - ibm-iehs-cve20140918-traversal(91980)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21670753

AIXAPAR - PI14125


Last Updated: 27 May 2016 11:05:18