Directory Traversal Vulnerability in IBM InfoSphere Optim Test Data Fabrication
CVE-2026-3366

7.5HIGH

Key Information:

Vendor: IBM
Status: Infosphere Optim Test Data Fabrication
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-3366?

A vulnerability in IBM InfoSphere Optim Test Data Fabrication allows remote attackers to traverse directories by sending specially crafted URL requests that exploit 'dot dot' sequences. This could enable unauthorized access to arbitrary files on the server, potentially leading to sensitive data exposure. Users of affected versions are strongly advised to apply the necessary security updates to mitigate this risk.

Affected Version(s)

InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 <= 1.8.4

References

https://www.ibm.com/support/pages/node/7272653

vendor-advisorypatch

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
Feb 27, 2026

CVE-2026-3366 Data

JSON