CVE-2012-2181

IBM WebSphere Portal 7.0.0.1-7.0.0.2 and 8.0 - Path Traversal via Dojo Module

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL.

References (3)

Core 3
Core References
Various Sources vendor-advisory x_refsource_aixapar
http://www.ibm.com/support/docview.wss?uid=swg1PM64172
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75584
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21598363

Scores

EPSS 0.0280
EPSS Percentile 84.8%

Details

CWE
CWE-22
Status published
Products (3)
ibm/websphere_portal 7.0.0.1
ibm/websphere_portal 7.0.0.2
ibm/websphere_portal 8.0
Published Jul 03, 2012
Tracked Since Feb 18, 2026