Miembros de
Boletines de Vulnerabilidades |
Security Bulletin: IBM Algo One affected by vulnerability in path traversal in IBM Algo One Algo Risk Application ("ARA") (CVE-2013-6304) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
Insufficient server-side validation could allows users to access files they are not authorized to. CVE(s): CVE-2013-6304 Affected product(s) and affected version(s): ARA Versions 2.4.0.1 through 4.9.1. This issue did not impact version 5.0.0 and higher. The following versions are not being patched and users currently on one of the versions specified below are advised to upgrade to a patched version: ARA 2.4.0.1 ARA 2.4.1 ARA 2.4.2 ARA 2.5.0 ARA 2.5.1 ARA 2.5.2 ARA 2.5.3 ARA 2.5.4 ARA More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_algo_one_affected_by_vulnerability_in_path_traversal_in_ibm_algo_one_algo_risk_application_ara_cve_2013_6304?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2013-6304 ,CVE-2014-0411 ,CVE-2013-6440 ,CVE-2014-0881 and CVE-2014-0882. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-03-04 |