VYPR
Unrated severityNVD Advisory· Published May 16, 2014· Updated Jun 17, 2026

CVE-2014-0918

CVE-2014-0918

Description

Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to read arbitrary files via a crafted URL.

Affected products

53
  • cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*+ 51 more
    • cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:6.1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:6.1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:6.1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:6.1.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:6.1.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:6.1.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.0:cf001:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf002:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf003:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf004:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf005:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf006:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf007:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf008:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf009:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf010:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf019:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf011:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf012:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf013:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf014:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf015:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf016:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf017:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf018:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf019:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf020:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf021:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf022:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf23:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf24:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf25:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf26:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf27:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf01:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf02:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf03:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf04:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf05:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf04:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf05:*:*:*:*:*:*
    • (no CPE)range: 6.1.0.6 CF27 and earlier; 6.1.5.3 CF27 and earlier; 7.0.0.2 CF27 and earlier; 8.0.0.1 CF06 and earlier
  • Range: 6.1.0.6 CF27 and earlier; 6.1.5.3 CF27 and earlier; 7.0.0.2 CF27 and earlier; 8.0.0.1 CF06 and earlier

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.