Date published: 2014-12-16T19:59:01.220-05:00
Date last modified: 2017-09-07T21:29:11.807-04:00
CVSS Score: 4.0
Principal attack vector: NETWORK
Reference URL: http://www-01.ibm.com/support/docview.wss?uid=swg1JR51234
Summary: Directory traversal vulnerability in an export function in the Process Center in IBM Business Process Manager (BPM) 8.0.x through 126.96.36.199 and 8.5.x through 8.5.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.