Directory Traversal Vulnerabilities in IBM WebSphere Service Registry and Repository
CVE-2014-6155

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Service Registry And Repository
Vendor: CVE Published:; 24 December 2014

Summary

Multiple directory traversal vulnerabilities exist within the ServiceRegistry UI in IBM WebSphere Service Registry and Repository versions 7.5.0.4 and earlier, 8.0.0.3 and earlier, as well as 8.5.0.1 and earlier. These vulnerabilities allow remote authenticated users to access arbitrary files without proper authorization through unspecified vectors, potentially exposing sensitive data. Users are advised to apply the latest security updates and patches to mitigate these vulnerabilities effectively.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/97678

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg21693389

x_refsource_CONFIRM

http://www.ibm.com/support/docview.wss?uid=swg21693384

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 24, 2014
Vulnerability Reserved
Sep 2, 2014