CVE-2014-6222Path Traversal in IBM Marketing Operations

CWE-22Path Traversal3 documents3 sources
Severity
4.0MEDIUMNVD
EPSS
0.4%
top 39.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Marketing Operations
Timeline
PublishedJun 7
Latest updateMay 17

Description

Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/marketing_operations64 versions+63

🔴Vulnerability Details

2
GHSA
GHSA-5c8v-7273-f4pm: Directory traversal vulnerability in IBM Marketing Operations 72022-05-17
CVEList
CVE-2014-6222: Directory traversal vulnerability in IBM Marketing Operations 72015-06-07
CVE-2014-6222 — Path Traversal in IBM | cvebase