Path traversal

2018-08-2021:29:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.5%

JSON

The IBM Java Runtime Environment’s Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882.

CPENameOperatorVersion
sdkeq6.0
sdkeq7.0
sdkeq8.0
enterprise_manager_base_platformeq13.2.0.0.0
enterprise_manager_base_platformeq13.3.0.0.0
enterprise_linux_desktopeq7.0
enterprise_linux_desktopeq6.0
enterprise_linux_servereq7.0
enterprise_linux_servereq6.0
enterprise_linux_workstationeq7.0

Name	Operator	Version
sdk	eq	6.0
sdk	eq	7.0
sdk	eq	8.0
enterprise_manager_base_platform	eq	13.2.0.0.0
enterprise_manager_base_platform	eq	13.3.0.0.0
enterprise_linux_desktop	eq	7.0
enterprise_linux_desktop	eq	6.0
enterprise_linux_server	eq	7.0
enterprise_linux_server	eq	6.0
enterprise_linux_workstation	eq	7.0