IBM WebSphere Application Server Network Deployment 8.5 and 9.0 could allow a remote authenticated attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to read and delete arbitrary files on the system. IBM X-Force ID: 198435.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2021-06-07T14:05:14.362094Z
Updated: 2024-09-17T02:36:50.637Z
Reserved: 2020-12-17T00:00:00
Link: CVE-2021-20517
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-06-07T14:15:07.767
Modified: 2021-06-10T18:02:45.153
Link: CVE-2021-20517
Redhat
No data.