IBM WebSphere Portal 6.1.0.x up to and including 6.1.0.6 CF27, 6.1.5.x up to and including 6.1.5.3 CF27, 7.0.0.x prior to 7.0.0.2 CF27, and 8.0.0.x prior to 8.0.0.1 CF10, when the wcm.path.traversal.security setting is enabled, allows remote malicious users to bypass intended read restrictions on an item by accessing that item within search results.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere portal 8.0.0.0 |
||
ibm websphere portal 8.0.0.1 |
||
ibm websphere portal 6.1.5.3 |
||
ibm websphere portal 6.1.0.0 |
||
ibm websphere portal 7.0.0.0 |
||
ibm websphere portal 7.0.0.1 |
||
ibm websphere portal 6.1.0.1 |
||
ibm websphere portal 6.1.0.2 |
||
ibm websphere portal 6.1.0.3 |
||
ibm websphere portal 6.1.5.1 |
||
ibm websphere portal 6.1.5.2 |
||
ibm websphere portal 6.1.0.6 |
||
ibm websphere portal 7.0.0.2 |
||
ibm websphere portal 6.1.5.0 |
||
ibm websphere portal 6.1.0.4 |
||
ibm websphere portal 6.1.0.5 |