CVE-2014-6155

{"id": "CVE-2014-6155", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-12-24T11:59:03.447", "references": [{"url": "http://secunia.com/advisories/61805", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV63585", "source": "psirt@us.ibm.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg21693384", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg21693387", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg21693389", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97678", "source": "psirt@us.ibm.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in the ServiceRegistry UI in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allow remote authenticated users to read arbitrary files via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidades m\u00faltiples de salto de directorio en IBM WebSphere Service Registry and Repository (WSRR) 7.5.x a trav\u00e9s de 7.5.0.4, 8.0.x anterior a 8.0.0.3, y 8.5.x anterior a 8.5.0.1 permite a usuarios remotos autenticados leer ficheros arbitrarios a trav\u00e9s de vectores sin especificar."}], "lastModified": "2017-09-08T01:29:10.573", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DFCC5E8-7DB0-445B-B063-7344B00DBFA8"}, {"criteria": "cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9569031-62CA-44C5-9FB0-69D107989BAF"}, {"criteria": "cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "669203FD-A817-4105-9862-6925A7347F32"}, {"criteria": "cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "998C56B9-E716-40AE-A692-0BCA22FD529A"}, {"criteria": "cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35BFBDE1-5658-41F6-BA2C-2AF21458C604"}, {"criteria": "cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EE29478-9E09-4A39-9240-6281FCFD09A2"}, {"criteria": "cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60672CF6-8FBF-432E-8F60-B45FA6F6E276"}, {"criteria": "cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE60F797-DBCF-4A06-8C4E-9A42A1410304"}, {"criteria": "cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CF066A0-BF24-44B6-83E1-0D45CDFBC31A"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}