Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing %2e strings.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tivoli_secureway_policy_director | Ibm | 3.0.1 (including) | 3.0.1 (including) |
Tivoli_secureway_policy_director | Ibm | 3.6 (including) | 3.6 (including) |
Tivoli_secureway_policy_director | Ibm | 3.7 (including) | 3.7 (including) |
Tivoli_secureway_policy_director | Ibm | 3.7.1 (including) | 3.7.1 (including) |