IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 163681.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2019-08-20T18:25:26.918044Z

Updated: 2024-09-17T02:15:52.552Z

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-4460

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-08-20T19:15:16.887

Modified: 2024-11-21T04:43:38.090

Link: CVE-2019-4460

cve-icon Redhat

No data.