CVE-2014-6154

Currently unrated

Key Information:

Vendor: IBM
Status: Optim Performance Manager
Vendor: CVE Published:; 13 February 2015

Summary

Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. (dot dot) in a URL.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/97677

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21696000

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 13, 2015
Vulnerability Reserved
Sep 2, 2014