5.3
CVE-2025-27906
- EPSS 0.29%
- Veröffentlicht 14.10.2025 14:08:42
- Zuletzt bearbeitet 21.10.2025 14:31:09
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Content Navigator information disclosure
IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Content Navigator Version3.0.11 Update-
Ibm ≫ Content Navigator Version3.0.15 Update-
Ibm ≫ Content Navigator Version3.1.0 Update-
Ibm ≫ Content Navigator Version3.2.0 Update-
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.204 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-548 Exposure of Information Through Directory Listing
The product inappropriately exposes a directory listing with an index of all the resources located inside of the directory.
https://www.ibm.com/support/pages/node/7247854