Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Embedded Websphere Application Server
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3020 1 Ibm 2 Embedded Websphere Application Server, Tivoli Integrated Portal 2024-11-21 6.9 MEDIUM N/A
install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.