IBM License Metric Tool 9.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 266893.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NIBM License Metric Tool
APPIbm< 9.2.33
Related vulnerabilities
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to b...
IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE)...
IBM License Metric Tool 9.2.0 through 9.2.40 is vulnerable to stored cross-site scripting. This vulnerability ...
IBM License Metric Tool 9.2.0 through 9.2.40 could allow an authenticated user to bypass access controls in ...
IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect atta...