Directory Traversal Vulnerability in IBM InfoSphere Information Server
CVE-2024-52363

7.5HIGH

Key Information:

Vendor: IBM
Status: Infosphere Information Server
Vendor: CVE Published:; 17 January 2025

What is CVE-2024-52363?

IBM InfoSphere Information Server 11.7 is vulnerable to a directory traversal attack. An attacker can exploit this vulnerability by sending a specially crafted URL that includes 'dot dot' sequences, such as '/../', allowing them to access unauthorized files on the server. This could lead to the exposure of sensitive information, potentially compromising the integrity and confidentiality of the system.

Affected Version(s)

InfoSphere Information Server 11.7

References

https://www.ibm.com/support/pages/node/7176515

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 17, 2025
Vulnerability Reserved
Nov 10, 2024