CVE-2019-4384

Name of the Vulnerable Software and Affected Versions IBM Campaign versions 9.1.2 through 10.1

Description The issue allows a remote attacker to traverse directories on the system by sending a specially-crafted URL request containing dot dot sequences (../) to view arbitrary files on the system.

Recommendations For versions 9.1.2 through 10.1, consider restricting access to sensitive files and directories to minimize the risk of exploitation. As a temporary workaround, consider implementing additional validation and sanitization for URL requests to prevent directory traversal attacks.