CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
71.0%
Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a … (dot dot) in the template parameter.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | lotus_protector_for_mail_security | 2.1 | cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.1:*:*:*:*:*:*:* |
ibm | lotus_protector_for_mail_security | 2.5 | cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.5:*:*:*:*:*:*:* |
ibm | lotus_protector_for_mail_security | 2.5.1 | cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.5.1:*:*:*:*:*:*:* |
ibm | lotus_protector_for_mail_security | 2.8 | cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8:*:*:*:*:*:*:* |
ibm | proventia_network_mail_security_system_firmware | 2.5 | cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.5:*:*:*:*:*:*:* |
ibm | proventia_network_mail_security_system_firmware | 2.5.0.2 | cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.5.0.2:*:*:*:*:*:*:* |
ibm | proventia_network_mail_security_system_firmware | 2.5.1 | cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.5.1:*:*:*:*:*:*:* |
ibm | proventia_network_mail_security_system_firmware | 2.6 | cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.6:*:*:*:*:*:*:* |
ibm | proventia_network_mail_security_system_firmware | 2.8 | cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.8:*:*:*:*:*:*:* |
ibm | proventia_network_mail_security_system | * | cpe:2.3:h:ibm:proventia_network_mail_security_system:*:*:*:*:*:*:*:* |