TROYANOSYVIRUS
Volver a CVEs

CVE-2026-4917

MEDIUM
4.9

Descripcion

IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to write arbitrary files on the system.

Detalles CVE

Puntuacion CVSS v3.14.9
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosHIGH
Interaccion usuarioNONE
Publicado4/23/2026
Ultima modificacion4/23/2026
Fuentenvd
Avistamientos honeypot0

Debilidades (CWE)

CWE-22

Referencias

https://www.ibm.com/support/pages/node/7270422(psirt@us.ibm.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.