CVE-2014-6154

{"id": "CVE-2014-6154", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-02-13T02:59:05.330", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696000", "tags": ["Patch", "Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97677", "source": "psirt@us.ibm.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. (dot dot) in a URL."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en IBM Optim Performance Manager para DB2 4.1.0.1 hasta 4.1.1 en Linux, UNIX, y Windows e IBM InfoSphere Optim Performance Manager para DB2 5.1 hasta 5.3.1 en Linux, UNIX, y Windows permite a atacantes remotos acceder a ficheros arbitrarios a trav\u00e9s de un .. (punto punto) en una URL."}], "lastModified": "2017-09-08T01:29:10.510", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:optim_performance_manager:4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEA7F1C4-4133-4D58-B102-79D6DDB90F71"}, {"criteria": "cpe:2.3:a:ibm:optim_performance_manager:4.1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B141C72F-6D16-4FBE-9843-CBA2C7F30B75"}, {"criteria": "cpe:2.3:a:ibm:optim_performance_manager:5.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DB2A0D8-0D0E-4D1E-BB6A-790D34AA6985"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37"}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@us.ibm.com"}