Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Security Directory Server information disclosure
Vulnerability Description
IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 228582.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
IBM Security Directory Server 路径遍历漏洞
Vulnerability Description
IBM Security Directory Server是美国国际商业机器(IBM)公司的一套使用了轻量级目录访问协议(LDAP)的企业身份管理软件。该软件提供一个可信的身份数据基础架构,用于身份验证。 IBM Security Directory Server 6.4.0 版本存在安全漏洞,该漏洞源于存在目录遍历漏洞,通过特制 URL 请求可以查看系统上的任意文件。
CVSS Information
N/A
Vulnerability Type
N/A