CVE-2022-33164

Name of the Vulnerable Software and Affected Versions IBM Security Directory Server version 7.2.0

Description The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view or write to arbitrary files on the system.

Recommendations For IBM Security Directory Server version 7.2.0, consider disabling directory traversal functionality until a patch is available. Restrict access to sensitive files and directories to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.