CVE-2012-2202
Published Jul 27, 2012
Last updated 7 years ago
Overview
- Description
- Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-22
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31F356BD-5E3C-4426-B315-86F681E2F6A8"
},
{
"criteria": "cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "068537DC-785E-45E2-9B04-245621B48BB4"
},
{
"criteria": "cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FCE408A-BD6C-4D2C-8F37-132394729729"
},
{
"criteria": "cpe:2.3:a:ibm:lotus_protector_for_mail_security:2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9277E17-F3EC-4E8B-B4E0-629966D7EB89"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37B13DDF-DCD6-4C10-B533-0C25FE966007"
},
{
"criteria": "cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D99B0275-98EE-48EA-B454-E13EC6521F32"
},
{
"criteria": "cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BBC5F27-E6F2-4B18-AEC5-3032207FAD25"
},
{
"criteria": "cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0D45AC4-6028-44DB-BFC6-24D105FBB2C2"
},
{
"criteria": "cpe:2.3:o:ibm:proventia_network_mail_security_system_firmware:2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1090D84-2202-47C5-97F5-781543BB74BC"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:proventia_network_mail_security_system:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8FE2B207-9C49-4107-9109-A6E9D1D610C6"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]