CVE-2022-33165
published 2023-10-14CVE-2022-33165: IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 228582.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | security_directory_integrator | — | — |
| ibm | security_directory_server | — | — |