CVE-2014-6155

Multiple directory traversal vulnerabilities in the ServiceRegistry UI in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allow remote authenticated users to read arbitrary files via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.5:*:*:*:*:*:*:*

History

21 Nov 2024, 02:13

Type Values Removed Values Added
References () http://secunia.com/advisories/61805 - () http://secunia.com/advisories/61805 -
References () http://www-01.ibm.com/support/docview.wss?uid=swg1IV63585 - () http://www-01.ibm.com/support/docview.wss?uid=swg1IV63585 -
References () http://www.ibm.com/support/docview.wss?uid=swg21693384 - Vendor Advisory () http://www.ibm.com/support/docview.wss?uid=swg21693384 - Vendor Advisory
References () http://www.ibm.com/support/docview.wss?uid=swg21693387 - Vendor Advisory () http://www.ibm.com/support/docview.wss?uid=swg21693387 - Vendor Advisory
References () http://www.ibm.com/support/docview.wss?uid=swg21693389 - Vendor Advisory () http://www.ibm.com/support/docview.wss?uid=swg21693389 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/97678 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/97678 -

Information

Published : 2014-12-24 11:59

Updated : 2024-11-21 02:13


NVD link : CVE-2014-6155

Mitre link : CVE-2014-6155

CVE.ORG link : CVE-2014-6155


JSON object : View

Products Affected

ibm

  • websphere_service_registry_and_repository
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')