CVE-2016-6038 — Path Traversal in IBM AIX
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 54.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 26
Latest updateMay 17
Description
Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightweight Infrastructure (aka LWI), as used in AIX 5.3, 6.1, and 7.1, allows remote authenticated users to read arbitrary files via a crafted URL.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages1 packages
🔴Vulnerability Details
2GHSAâ–¶
GHSA-pvv9-fwxg-c37m: Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightweight Infrastructure (aka LWI), as used in AIX 5↗2022-05-17
CVEListâ–¶
CVE-2016-6038: Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightweight Infrastructure (aka LWI), as used in AIX 5↗2016-09-26