Directory Traversal in IBM Maximo Asset Management
CVE-2014-6194

Currently unrated

Key Information:

Vendor: IBM
Status: Maximo Asset Management; Maximo For Utilities; Maximo For Life Sciences; Maximo For Nuclear Power
Vendor: CVE Published:; 17 February 2015

Summary

A directory traversal vulnerability exists in various versions of IBM Maximo Asset Management, enabling remote authenticated users to access arbitrary files by exploiting the pathname manipulation via '../' sequences. This flaw could lead to unauthorized disclosure of sensitive files, compromising the security and integrity of the asset management system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/98605

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21694035

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 17, 2015
Vulnerability Reserved
Sep 2, 2014