Security Bulletin: IBM Data Studio Web Console is susceptible to a “Directory Traversal Arbitrary File Download” vulnerability.
IBM Data Studio Web Console versions 3.1.0 and 3.1.1 could allow a remote attacker to traverse directories on the file system. An attacker could exploit this vulnerability to view potentially sensitive system files.
CVE ID: CVE-2013-2981
AFFECTED PRODUCTS :
Refer to the following reference URLs for remediation and additional vulnerability details.
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21638734