5.3

CVE-2025-27906

IBM Content Navigator information disclosure

IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmContent Navigator Version3.0.11 Update-
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmContent Navigator Version3.0.15 Update-
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmContent Navigator Version3.1.0 Update-
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmContent Navigator Version3.2.0 Update-
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.097
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
psirt@us.ibm.com 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE-548 Exposure of Information Through Directory Listing

A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers.