CVE-2010-4622

CWE-22Path Traversal3 documents3 sources
Severity
5.0MEDIUM
EPSS
0.4%
top 41.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Tivoli Access Manager FOR E-business
Timeline
PublishedDec 30
Latest updateMay 17

Description

Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-v9rq-6m39-qhfv: Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 62022-05-17
CVEList
CVE-2010-4622: Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 62010-12-30
CVE-2010-4622 (MEDIUM CVSS 5) | Directory traversal vulnerability i | cvebase.io