Skip to main content

Files or Directories Accessible to External Parties

CVE-2017-1602

Severity Medium
Score 4.3/10

Summary

IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625.

  • LOW
  • NETWORK
  • LOW
  • UNCHANGED
  • NONE
  • LOW
  • NONE
  • NONE

CWE-552 - Files or Directories Accessible to External Parties

The product makes files or directories accessible to unauthorized actors, even though they should not be.

References

Advisory Timeline

  • Published