Information disclosure in IBM AIX - CVE-2016-6038
Published: September 23, 2016
Vulnerability identifier: #VU643
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-6038
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: IBM Corporation
Affected software:
IBM AIX
IBM AIX
Detailed vulnerability description
The vulnerability allows a remote user to obtain potentially sensitive information on the target system.
The weakness exists due to directory traversal flaw. By submission of specially crafted URL attackers can easily view arbitrary files.
Successfull exploitation of the vulnerability may result in information disclosure on the vulnerable system.
The weakness exists due to directory traversal flaw. By submission of specially crafted URL attackers can easily view arbitrary files.
Successfull exploitation of the vulnerability may result in information disclosure on the vulnerable system.
How to mitigate CVE-2016-6038
No solution resolving the vulnerability is available.