Описание
By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:h:ibm:iseries_as_400:*:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00445
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request.
EPSS
Процентиль: 63%
0.00445
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other