Vulnerability Details CVE-2011-4435
The web-server component in the Consolidation and Analysis Engine (CAE) Server in DB2 Query Monitor in IBM DB2 Tools 2.3.0 for z/OS does not prevent directory browsing, which allows remote attackers to obtain sensitive information via HTTP requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.2%
CVSS Severity
CVSS v2 Score 5.0
Products affected by CVE-2011-4435
-
cpe:2.3:a:ibm:db2_tools_for_z/os:2.3.0