Information Disclosure Vulnerability in IBM Netezza Performance Portal
CVE-2013-0470

Currently unrated

Key Information:

Vendor: IBM
Status: Netezza Performance Portal
Vendor: CVE Published:; 5 April 2013

What is CVE-2013-0470?

The IBM Netezza Performance Portal 1.0.2 contains a vulnerability that permits remote authenticated users to expose application directories. This can be exploited by sending direct requests to specific directory URIs, enabling attackers to enumerate and list sensitive asset files—such as images—stored on the server. This weakens the overall security of the application, allowing unauthorized access to potentially sensitive information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/81336

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21631945

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 5, 2013
Vulnerability Reserved
Dec 16, 2012