CVE-2012-4834Path Traversal in IBM Websphere Portal

CWE-22Path Traversal3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
1.7%
top 17.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Portal
Timeline
PublishedNov 30
Latest updateMay 14

Description

Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote attackers to read arbitrary files via a crafted URI.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/websphere_portal7.0.0.1, 7.0.0.2, 8.0.0.0+2

Patches

Patch: www.ibm.comPatch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-x9jr-wg99-m8gf: Directory traversal vulnerability in LayerLoader2022-05-14
CVEList
CVE-2012-4834: Directory traversal vulnerability in LayerLoader2012-11-30
CVE-2012-4834 — Path Traversal in IBM Websphere Portal | cvebase