#VU40139 Arbitrary file upload in Rational Publishing Engine - CVE-2016-2914


Updated: 2020-08-09

Vulnerability identifier: #VU40139

Vulnerability risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2016-2914

CWE-ID: CWE-434

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Rational Publishing Engine
Client/Desktop applications / Multimedia software

Vendor: IBM Corporation

Description

The vulnerability allows a remote authenticated user to manipulate or delete data.

Unrestricted file upload vulnerability in the Document Builder in IBM Rational Publishing Engine (aka RPENG) 2.0.1 before ifix002 allows remote authenticated users to execute arbitrary code by specifying an unexpected file extension.

Mitigation
Install the update from the vendor's website.

Vulnerable software versions

Rational Publishing Engine: 2.0.1


External links
https://www.securityfocus.com/bid/92334
https://www-01.ibm.com/support/docview.wss?uid=swg21988263


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

