Files or Directories Accessible to External Parties
CVE-2017-1602
Summary
IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.
- LOW
- NETWORK
- LOW
- UNCHANGED
- NONE
- LOW
- NONE
- NONE
CWE-552 - Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.
References
Advisory Timeline
- Published