Directory Traversal Vulnerability in IBM BladeCenter Advanced Management Module
CVE-2010-2655

Currently unrated

Key Information:

Vendor
IBM
Status
Advanced Management Module
Vendor
CVE Published:
8 July 2010

Summary

A directory traversal vulnerability exists in the IBM BladeCenter Advanced Management Module's file management functionality. This flaw enables remote authenticated users to navigate the directory structure by employing the '..' (dot dot) sequence in the DIR parameter. As a result, malicious users can potentially list arbitrary directories, leading to unauthorized access to sensitive information and system configuration files.

References

http://www.exploit-db.com/exploits/14237/
exploitx_refsource_EXPLOIT-DB
http://osvdb.org/66124
vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/41383
vdb-entryx_refsource_BID

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.