CVE-2010-2655 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:S/C:P/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 95%

Vendor	Product	Version
ibm	advanced_management_module	𝑥 ≤ 2.48
ibm	advanced_management_module	1.00
ibm	advanced_management_module	1.01
ibm	advanced_management_module	1.20
ibm	advanced_management_module	1.20:f
ibm	advanced_management_module	1.25
ibm	advanced_management_module	1.25:e
ibm	advanced_management_module	1.25:i
ibm	advanced_management_module	1.26:b
ibm	advanced_management_module	1.26:e
ibm	advanced_management_module	1.26:h
ibm	advanced_management_module	1.26:i
ibm	advanced_management_module	1.26:k
ibm	advanced_management_module	1.28:g
ibm	advanced_management_module	1.32:d
ibm	advanced_management_module	1.34:b
ibm	advanced_management_module	1.34:e
ibm	advanced_management_module	1.36:d
ibm	advanced_management_module	1.36:g
ibm	advanced_management_module	1.36:h
ibm	advanced_management_module	1.36:k
ibm	advanced_management_module	1.42:d
ibm	advanced_management_module	1.42:f
ibm	advanced_management_module	1.42:i
ibm	advanced_management_module	1.42:n
ibm	advanced_management_module	1.42:o
ibm	advanced_management_module	1.42:t
ibm	advanced_management_module	2.46:c
ibm	advanced_management_module	2.46:j
ibm	advanced_management_module	2.48:c
ibm	advanced_management_module	2.48:d
ibm	advanced_management_module	2.48:g
ibm	advanced_management_module	2.48:n
ibm	advanced_management_module	2.50:c
ibm	advanced_management_module	2.50:g
ibm	advanced_management_module	2.50:k
ibm	advanced_management_module	2.50:p

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References

http://dsecrg.com/pages/vul/show.php?id=154

http://osvdb.org/66124

http://www.exploit-db.com/exploits/14237/

http://www.securityfocus.com/bid/41383

http://dsecrg.com/pages/vul/show.php?id=154

http://osvdb.org/66124

http://www.exploit-db.com/exploits/14237/

http://www.securityfocus.com/bid/41383