Bypassing Read Restrictions in IBM WebSphere Portal

Bypassing Read Restrictions in IBM WebSphere Portal

CVE-2013-6730 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x before 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF10, when the wcm.path.traversal.security setting is enabled, allows remote attackers to bypass intended read restrictions on an item by accessing that item within search results.

Learn more about our Cis Benchmark Audit For Ibm Websphere.