CVE-2012-3305

MEDIUM

Description

Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file.

References

http://www.ibm.com/support/docview.wss?uid=swg21611313

http://www-01.ibm.com/support/docview.wss?uid=swg1PM62467

https://exchange.xforce.ibmcloud.com/vulnerabilities/77477

Details

Source: MITRE

Published: 2012-09-25

Updated: 2017-08-29

Type: CWE-22

Risk Information

CVSS v2.0

Base Score: 6.4

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Impact Score: 4.9

Exploitability Score: 10

Severity: MEDIUM