CVE-2024-22328
published 2024-04-06CVE-2024-22328: IBM Maximo Application Suite 8.10 and 8.11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
IBM Maximo Application Suite 8.10 and 8.11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 279950.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | maximo_application_suite | — | — |
| ibm | maximo_application_suite | — | — |
| ibm | maximo_application_suite | — | — |