Information Disclosure Vulnerability in IBM Netezza Performance Portal
CVE-2013-0470

Currently unrated

Key Information:

Vendor
IBM
Status
Netezza Performance Portal
Vendor
CVE Published:
5 April 2013

Summary

The IBM Netezza Performance Portal 1.0.2 contains a vulnerability that permits remote authenticated users to expose application directories. This can be exploited by sending direct requests to specific directory URIs, enabling attackers to enumerate and list sensitive asset files—such as images—stored on the server. This weakens the overall security of the application, allowing unauthorized access to potentially sensitive information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/81336
vdb-entryx_refsource_XF
http://www-01.ibm.com/support/docview.wss?uid=swg21631945
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.