CVE-2023-38012 – IBM Cloud Pak System Path Traversal Vulnerability

CVE ID : CVE-2023-38012

Published : Jan. 25, 2025, 2:15 p.m. | 18 minutes ago

Description : IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2023-38012 – IBM Cloud Pak System Path Traversal Vulnerability