CVE-2012-2181Path Traversal in IBM Websphere Portal

CWE-22Path Traversal4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.1%
top 80.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Portal
Timeline
PublishedJul 3
Latest updateMay 17

Description

Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/websphere_portal7.0.0.1, 7.0.0.2, 8.0+2

🔴Vulnerability Details

2
GHSA
GHSA-fg82-4jmc-96qq: Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 72022-05-17
CVEList
CVE-2012-2181: Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 72012-07-03

💥Exploits & PoCs

1
Exploit-DB
Zookeeper 3.5.2 Client - Denial of Service2017-07-02
CVE-2012-2181 — Path Traversal in IBM Websphere Portal | cvebase