Unrated severityNVD Advisory· Published Sep 14, 2010· Updated Apr 29, 2026
CVE-2010-0154
CVE-2010-0154
Description
Directory traversal vulnerability in sla/index.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the l parameter, related to an "Insecure Direct Object Reference vulnerability."
Affected products
2- cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance_firmware:1.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.