Vulnerability Details CVE-2014-6222
Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.1%
CVSS Severity
CVSS v2 Score 4.0
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715
- http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923
- http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455
- http://www-01.ibm.com/support/docview.wss?uid=swg21902933
- http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715
- http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923
- http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455
- http://www-01.ibm.com/support/docview.wss?uid=swg21902933
Products affected by CVE-2014-6222
-
cpe:2.3:a:ibm:marketing_operations:7.2.0.0
-
cpe:2.3:a:ibm:marketing_operations:7.2.0.4
-
cpe:2.3:a:ibm:marketing_operations:7.2.1.0
-
cpe:2.3:a:ibm:marketing_operations:7.2.1.12
-
cpe:2.3:a:ibm:marketing_operations:7.3.2.0
-
cpe:2.3:a:ibm:marketing_operations:7.3.2.1
-
cpe:2.3:a:ibm:marketing_operations:7.3.2.8
-
cpe:2.3:a:ibm:marketing_operations:7.4.0.0
-
cpe:2.3:a:ibm:marketing_operations:7.4.0.2
-
cpe:2.3:a:ibm:marketing_operations:7.4.1.0
-
cpe:2.3:a:ibm:marketing_operations:7.4.1.6
-
cpe:2.3:a:ibm:marketing_operations:7.4.2.0
-
cpe:2.3:a:ibm:marketing_operations:7.4.2.7
-
cpe:2.3:a:ibm:marketing_operations:7.5.0.0
-
cpe:2.3:a:ibm:marketing_operations:7.5.0.1
-
cpe:2.3:a:ibm:marketing_operations:7.5.2.0
-
cpe:2.3:a:ibm:marketing_operations:7.5.2.3
-
cpe:2.3:a:ibm:marketing_operations:7.5.3.0
-
cpe:2.3:a:ibm:marketing_operations:7.5.3.7
-
cpe:2.3:a:ibm:marketing_operations:7.5.3.8
-
cpe:2.3:a:ibm:marketing_operations:7.5.3.9
-
cpe:2.3:a:ibm:marketing_operations:8.0.0.0
-
cpe:2.3:a:ibm:marketing_operations:8.0.0.2
-
cpe:2.3:a:ibm:marketing_operations:8.1.0.0
-
cpe:2.3:a:ibm:marketing_operations:8.1.0.6
-
cpe:2.3:a:ibm:marketing_operations:8.1.0.7
-
cpe:2.3:a:ibm:marketing_operations:8.1.1.0
-
cpe:2.3:a:ibm:marketing_operations:8.1.1.4
-
cpe:2.3:a:ibm:marketing_operations:8.2.0.0
-
cpe:2.3:a:ibm:marketing_operations:8.2.0.10
-
cpe:2.3:a:ibm:marketing_operations:8.2.0.11
-
cpe:2.3:a:ibm:marketing_operations:8.2.0.12
-
cpe:2.3:a:ibm:marketing_operations:8.2.0.13
-
cpe:2.3:a:ibm:marketing_operations:8.2.0.5
-
cpe:2.3:a:ibm:marketing_operations:8.2.0.6
-
cpe:2.3:a:ibm:marketing_operations:8.2.0.7
-
cpe:2.3:a:ibm:marketing_operations:8.2.0.8
-
cpe:2.3:a:ibm:marketing_operations:8.2.0.9
-
cpe:2.3:a:ibm:marketing_operations:8.5.0.0
-
cpe:2.3:a:ibm:marketing_operations:8.5.0.1
-
cpe:2.3:a:ibm:marketing_operations:8.5.0.2
-
cpe:2.3:a:ibm:marketing_operations:8.5.0.3
-
cpe:2.3:a:ibm:marketing_operations:8.5.0.4
-
cpe:2.3:a:ibm:marketing_operations:8.5.0.5
-
cpe:2.3:a:ibm:marketing_operations:8.5.0.6
-
cpe:2.3:a:ibm:marketing_operations:8.5.0.7
-
cpe:2.3:a:ibm:marketing_operations:8.6.0.0
-
cpe:2.3:a:ibm:marketing_operations:8.6.0.2
-
cpe:2.3:a:ibm:marketing_operations:8.6.0.3
-
cpe:2.3:a:ibm:marketing_operations:8.6.0.4
-
cpe:2.3:a:ibm:marketing_operations:8.6.0.5
-
cpe:2.3:a:ibm:marketing_operations:8.6.0.6
-
cpe:2.3:a:ibm:marketing_operations:8.6.0.7
-
cpe:2.3:a:ibm:marketing_operations:9.0.0.0
-
cpe:2.3:a:ibm:marketing_operations:9.0.0.1
-
cpe:2.3:a:ibm:marketing_operations:9.0.0.2
-
cpe:2.3:a:ibm:marketing_operations:9.0.0.3
-
cpe:2.3:a:ibm:marketing_operations:9.0.0.4
-
cpe:2.3:a:ibm:marketing_operations:9.1.0.0
-
cpe:2.3:a:ibm:marketing_operations:9.1.0.2
-
cpe:2.3:a:ibm:marketing_operations:9.1.0.3
-
cpe:2.3:a:ibm:marketing_operations:9.1.0.4
-
cpe:2.3:a:ibm:marketing_operations:9.1.1.0
-
cpe:2.3:a:ibm:marketing_operations:9.1.1.1