Arbitrary File Access Vulnerability in IBM Optim Performance Manager for DB2 and IBM InfoSphere Optim Performance Manager for DB2

Arbitrary File Access Vulnerability in IBM Optim Performance Manager for DB2 and IBM InfoSphere Optim Performance Manager for DB2

CVE-2014-6154 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:N

Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. (dot dot) in a URL.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.