CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
AI Score
Confidence
High
EPSS
Percentile
82.8%
IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and 5.3.3.0 is vulnerable to a “zip slip” vulnerability which could allow a remote attacker to execute code using directory traversal techniques. IBM X-Force ID: 151970.
[
{
"product": "Case Manager",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.2.0.0"
},
{
"status": "affected",
"version": "5.2.0.4"
},
{
"status": "affected",
"version": "5.2.1.0"
},
{
"status": "affected",
"version": "5.2.1.7"
},
{
"status": "affected",
"version": "5.3.0.0"
},
{
"status": "affected",
"version": "5.3.3.0"
}
]
}
]
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
AI Score
Confidence
High
EPSS
Percentile
82.8%