CVE-2014-6222

Published Jun 7, 2015
Last updated 9 years ago
CVSS info 4.0
Overview

Description: Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.
Source: psirt@us.ibm.com
NVD status: Analyzed
Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-22
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E531A36F-A564-471F-BAD0-D1C5FC85DA3D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAE23ADE-A03F-4D45-9E38-5CB6BEBEAB49"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE7C4573-F53A-43EF-B440-58034244190D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6ABAE3AA-4055-4F2B-B8A7-D6C3394B9E88"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B71AD86-240D-4979-A77C-33696E4213DC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2F21BD4-DA4A-4136-BA6F-95874B8F8922"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E34E9484-52FB-4B43-B4F5-8A38521C53A6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "537D64AD-E149-4216-B44D-8BA332ABFD9A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B341A3E2-4B41-4DEB-808A-91E9ACA72CD5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D67C55B1-026B-401F-ACDA-B66005CE32AF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA042350-E6FA-41F3-919D-9C841758E372"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "455339EF-4E46-49BE-981C-D33B95FC7178"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67394F9C-E8E5-4D6D-95C3-B6EDE6B3AA22"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B9AE915-AF90-4708-8F0C-AA1E5E665B35"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "080925DF-094A-4112-88FD-1D694783E0D5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "200D048E-AF6D-4297-BA6F-2B0DE85DC2AF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "785007F6-EE19-4656-9308-6E8AF0085301"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB0CF9F4-05B2-4421-BBDD-C1F40207046A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D09BD7A-D6A5-4FF7-ADA4-938F3D5C65D8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09BD533F-071B-4B7C-8F5B-00D4DDECFD40"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98457298-9D1D-42C5-B881-6F44E6491B83"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.0.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6354E225-151F-47C4-9F09-8C8A48EBE0C1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B72D0B99-6EBF-4C26-BF10-386D6E85697F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D287267-07BB-4C69-8D45-BEB037A43C6B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B011552F-ABB0-444A-9D29-007959F675E6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BC7CE4C-AB66-44F2-8C68-7EBBB5EF5D30"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73EAB8BC-D328-433E-96A6-45D0E7DA22E9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4A96506-150B-42AE-AECF-1B113711BD6E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE31DEBA-4EE0-41E3-9AEA-598F16508CF0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98E7EE0B-8C30-40E5-B13E-4372F544EA3B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BAFA92D-5945-4C63-B1C7-D7E7382C91E3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D7F1AFD-EABC-4F3B-AB7D-9A7646A128EE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EBB9FB2-A887-48B1-BBA1-6433D3C4B349"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "675ED36E-E604-47A0-9D25-1E226B34C60A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D201D6C-B4C1-4F70-9E2C-F9DD66C6365E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "264A3344-3C67-469D-B66B-7DF224C5CC5F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "318EA510-B8F7-4D7F-885B-6587AE254331"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0464BC7-9657-45DC-BFAD-70DC752FCFAB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12292141-84D2-4FF9-A876-30D5382E7F30"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C7723EF-F236-44CD-801E-55C970AD552F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D34A3430-1BEA-4EDF-9315-B15322847334"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBBA46AE-5D4A-4CA8-8F5B-34E8F38D21FE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6362AAC2-5A15-4717-A426-29F395355EC6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51F99258-65C2-4DB6-A4E1-AB07C728AA53"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D06F9F7-1560-4E2E-B1C6-2A9FD3BBF81C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEE7BC6F-74F4-4C04-8821-6907611D5E2C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACFA73E2-B8C4-494F-B894-D25A024B4559"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "267EDCCE-0448-4868-AA97-5BE82FE406A5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B2504F5-7DCA-4157-B90A-41372DA27162"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BF2E40C-7147-4C73-BCDE-3C741C863902"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DFD3BE6-92D9-423F-A4EE-4117DCE08B75"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BC7AD7A-258D-4BF4-8E79-F9D604B7AB3D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8836B46-251D-4A64-94EF-EF87A995A047"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E41E05D9-5E80-42F3-B7A3-C1933EB5D873"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B74EB5EB-608A-4941-B3C9-230980EF326F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2EB5394-A456-40F3-9139-AA547708DB4B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D3A26D4-5FD5-4420-A181-D7589C4642C1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B352CB2F-69D3-4D84-B995-5EAD31369624"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB557416-74AD-4E44-8440-1DEBD90AEC2B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "431A59C0-0E34-4F1D-91B4-999D32933E6D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32B2C3DF-6B89-4DA7-9348-DDA33F1ECC82"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47C6D490-4BDD-4A77-9D76-CB31E5E2B8A5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EDBAC4E-8904-4DD0-9833-B2295E3A5511"
          },
          {
            "criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4898B8CF-2FD9-4339-B765-574703BA2A18"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
