Zip Slip Vulnerability in IBM Case Manager Software
CVE-2018-1884
4.8MEDIUM
Summary
IBM Case Manager software versions 5.2.0.0 to 5.3.3.0 are susceptible to a zip slip vulnerability, allowing remote attackers to potentially execute arbitrary code via crafted zip files. This exploitation leverages directory traversal techniques, posing significant security risks for affected installations. Users are advised to apply the latest security patches to mitigate this vulnerability.
Affected Version(s)
Case Manager 5.2.0.0
Case Manager 5.2.0.4
Case Manager 5.2.1.0
References
CVSS V3.1
Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved