CVE-2014-6222

Currently unrated

Key Information:

Vendor: IBM
Status: Marketing Operations
Vendor: CVE Published:; 7 June 2015

Summary

Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21902933

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Jun 7, 2015
Vulnerability Reserved
Sep 2, 2014