CVE-2013-4054 — Path Traversal in IBM Websphere MQ

CWE-22 — Path Traversal3 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.1%

top 75.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere MQ

Timeline

PublishedMar 2

Latest updateMay 17

Description

Directory traversal vulnerability in WMQ Telemetry in IBM WebSphere MQ 7.5 before 7.5.0.3 allows remote attackers to read arbitrary files via a crafted URI.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/websphere_mq7.5, 7.5.0.1, 7.5.0.2+2

🔴Vulnerability Details

GHSA

GHSA-pxqv-f65x-35pp: Directory traversal vulnerability in WMQ Telemetry in IBM WebSphere MQ 7↗2022-05-17

▶

CVEList

CVE-2013-4054: Directory traversal vulnerability in WMQ Telemetry in IBM WebSphere MQ 7↗2014-03-02

▶