Directory Traversal Vulnerability in Algo Risk Application by IBM
CVE-2013-6304

Currently unrated

Key Information:

Vendor: IBM
Status: Algo Risk Application; Algo One
Vendor: CVE Published:; 6 March 2014

What is CVE-2013-6304?

The Algo Risk Application (ARA) from IBM is impacted by multiple directory traversal vulnerabilities, allowing remote authenticated users to circumvent access controls by using specially crafted pathnames. These vulnerabilities affect versions 2.4.0.1 through 4.9.1 and can expose sensitive configuration and JAR files. Implementing proper validation and access controls is essential to mitigate these risks.

References

http://www.securityfocus.com/bid/65929

vdb-entryx_refsource_BID

http://www-01.ibm.com/support/docview.wss?uid=swg21666093

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/88535

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 6, 2014
Vulnerability Reserved
Oct 31, 2013