What is the severity of CVE-2014-6155?

CVE-2014-6155 is considered a high severity vulnerability due to its ability to allow remote authenticated users to access arbitrary files.

How do I fix CVE-2014-6155?

To mitigate CVE-2014-6155, upgrade your IBM WebSphere Service Registry and Repository to a patched version 8.0.0.3 or later, or 8.5.0.1 or later.

What versions of IBM WebSphere Service Registry and Repository are affected by CVE-2014-6155?

CVE-2014-6155 affects versions 7.5.x through 7.5.0.4, all 8.0.x versions prior to 8.0.0.3, and all 8.5.x versions prior to 8.5.0.1.

Can unauthenticated users exploit CVE-2014-6155?

No, CVE-2014-6155 can only be exploited by authenticated users of the IBM WebSphere Service Registry and Repository.

What must be done to secure systems against CVE-2014-6155?

To secure systems against CVE-2014-6155, ensure that your software is updated to the latest secure version and monitor for unauthorized access attempts.

Vulnerability/
CVE-2014-6155

medium

CWE

24/12/2014

6/8/2024

CVE-2014-6155: Path Traversal

First published: Wed Dec 24 2014(Updated: )

Multiple directory traversal vulnerabilities in the ServiceRegistry UI in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allow remote authenticated users to read arbitrary files via unspecified vectors.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Service Registry and Repository	=7.5.0.0
IBM WebSphere Service Registry and Repository	=7.5.0.1
IBM WebSphere Service Registry and Repository	=7.5.0.2
IBM WebSphere Service Registry and Repository	=7.5.0.3
IBM WebSphere Service Registry and Repository	=7.5.0.4
IBM WebSphere Service Registry and Repository	=8.0
IBM WebSphere Service Registry and Repository	=8.0.0.1
IBM WebSphere Service Registry and Repository	=8.0.0.2
IBM WebSphere Service Registry and Repository	=8.5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-6155?
CVE-2014-6155 is considered a high severity vulnerability due to its ability to allow remote authenticated users to access arbitrary files.
How do I fix CVE-2014-6155?
To mitigate CVE-2014-6155, upgrade your IBM WebSphere Service Registry and Repository to a patched version 8.0.0.3 or later, or 8.5.0.1 or later.
What versions of IBM WebSphere Service Registry and Repository are affected by CVE-2014-6155?
CVE-2014-6155 affects versions 7.5.x through 7.5.0.4, all 8.0.x versions prior to 8.0.0.3, and all 8.5.x versions prior to 8.5.0.1.
Can unauthenticated users exploit CVE-2014-6155?
No, CVE-2014-6155 can only be exploited by authenticated users of the IBM WebSphere Service Registry and Repository.
What must be done to secure systems against CVE-2014-6155?
To secure systems against CVE-2014-6155, ensure that your software is updated to the latest secure version and monitor for unauthorized access attempts.

collector/nvd-index
agent/softwarecombine
agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/severity
agent/last-modified-date
agent/tags
agent/first-publish-date
agent/event
agent/description
agent/source
vendor/ibm
canonical/ibm websphere service registry and repository
version/ibm websphere service registry and repository/7.5.0.0
version/ibm websphere service registry and repository/7.5.0.1
version/ibm websphere service registry and repository/7.5.0.2
version/ibm websphere service registry and repository/7.5.0.3
version/ibm websphere service registry and repository/7.5.0.4
version/ibm websphere service registry and repository/8.0
version/ibm websphere service registry and repository/8.0.0.1
version/ibm websphere service registry and repository/8.0.0.2
version/ibm websphere service registry and repository/8.5

Frequently Asked Questions

What is the severity of CVE-2014-6155?
CVE-2014-6155 is considered a high severity vulnerability due to its ability to allow remote authenticated users to access arbitrary files.
How do I fix CVE-2014-6155?
To mitigate CVE-2014-6155, upgrade your IBM WebSphere Service Registry and Repository to a patched version 8.0.0.3 or later, or 8.5.0.1 or later.
What versions of IBM WebSphere Service Registry and Repository are affected by CVE-2014-6155?
CVE-2014-6155 affects versions 7.5.x through 7.5.0.4, all 8.0.x versions prior to 8.0.0.3, and all 8.5.x versions prior to 8.5.0.1.
Can unauthenticated users exploit CVE-2014-6155?
No, CVE-2014-6155 can only be exploited by authenticated users of the IBM WebSphere Service Registry and Repository.
What must be done to secure systems against CVE-2014-6155?
To secure systems against CVE-2014-6155, ensure that your software is updated to the latest secure version and monitor for unauthorized access attempts.

CVE-2014-6155: Path Traversal

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-6155?

How do I fix CVE-2014-6155?

What versions of IBM WebSphere Service Registry and Repository are affected by CVE-2014-6155?

Can unauthenticated users exploit CVE-2014-6155?

What must be done to secure systems against CVE-2014-6155?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-6155?

How do I fix CVE-2014-6155?

What versions of IBM WebSphere Service Registry and Repository are affected by CVE-2014-6155?

Can unauthenticated users exploit CVE-2014-6155?

What must be done to secure systems against CVE-2014-6155?