CVE-2012-2181
IBM WebSphere Portal 7.0.0.1-7.0.0.2 and 8.0 - Path Traversal via Dojo Module
Title source: llmDescription
Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL.
References (3)
Core 3
Core References
Various Sources vendor-advisory
x_refsource_aixapar
http://www.ibm.com/support/docview.wss?uid=swg1PM64172
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75584
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21598363
Scores
EPSS
0.0280
EPSS Percentile
84.8%
Details
CWE
CWE-22
Status
published
Products (3)
ibm/websphere_portal
7.0.0.1
ibm/websphere_portal
7.0.0.2
ibm/websphere_portal
8.0
Published
Jul 03, 2012
Tracked Since
Feb 18, 2026