Summary
It has been found that Watson Management Console is prone to a directory traversal vulnerability. The issue is due to the server's failure to properly validate user supplied http requests.
This issue may allow an attacker to escape the web server root directory and view any web server readable files. Information acquired by exploiting this issue may be used to aid further attacks against a vulnerable system.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- ActualAnalyzer Lite 'ant' Cookie Parameter Remote Command Execution Vulnerability
- Artifectx xClassified 'catid' SQL Injection Vulnerability
- Apple Safari RSS Feed Information Disclosure Vulnerability
- Atutor AChecker Multiple SQL Injection and XSS Vulnerabilities
- Adobe ColdFusion Information Disclosure Vulnerability