CVE-2001-0982

Опубликовано: 23 июл. 2001

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings.

Ссылки

ftp://ftp.tivoli.com/support/patches/patches_3.7.1/3.7.1-POL-0003/3.7.1-POL-0003.README
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2001-07/0497.html
Patch
Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IY18152&apar=only
http://www.osvdb.org/1908
http://www.securityfocus.com/bid/3080
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6884
ftp://ftp.tivoli.com/support/patches/patches_3.7.1/3.7.1-POL-0003/3.7.1-POL-0003.README
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2001-07/0497.html
Patch
Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IY18152&apar=only
http://www.osvdb.org/1908
http://www.securityfocus.com/bid/3080
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6884

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:tivoli_secureway_policy_director:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_secureway_policy_director:3.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_secureway_policy_director:3.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_secureway_policy_director:3.7.1:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02762

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jjqp-7vww-89gx

github

почти 4 года назад