Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61695
HistoryMar 07, 2014 - 12:00 a.m.

IBM WebSphere Portal 'wcm.path.traversal.security'安全绕过漏洞

2014-03-0700:00:00
Root
www.seebug.org
30

EPSS

0.002

Percentile

59.8%

JSON

Bugtraq ID:65955
CVE ID:CVE-2013-6730

IBM WebSphere Portal提供了一个组合应用程序或业务mashup框架,并且提供了一种高级工具来构造灵活的,基于SOA的解决方案。

当启用了Web Content Manager (WCM)路径遍历("wcm.path.traversal.security")设置时应用程序不正确限制对搜索结果的访问,允许攻击者利用漏洞绕过限制获取受限内容信息。
0
IBM WebSphere Portal 6.x
IBM WebSphere Portal 6.x
IBM WebSphere Portal 7.x
IBM WebSphere Portal 8.x
厂商补丁:

IBM

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞:
http://www.ibm.com/support/docview.wss?uid=swg21665915

Related

nvd 1
cvelist 1
cve 1
nessus 1
prion 1
nvd
nvd
CVE-2013-6730
2014-03-04 22:55:03
cvelist
cvelist
CVE-2013-6730
2014-03-04 22:00:00
cve
cve
CVE-2013-6730
2014-03-04 22:55:03
nessus
nessus
IBM WebSphere Portal Improper Access Control Checks (PI07185)
2014-03-26 00:00:00
prion
prion
Design/Logic Flaw
2014-03-04 22:55:00

EPSS

0.002

Percentile

59.8%

JSON
Related for SSV:61695
nvd1cvelist1cve1nessus1prion1