CNNVD-202510-1994 Information
CNNVD ID
CNNVD-202510-1994
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
IBM Content Navigator是美国国际商业机器(IBM)公司的一款Web客户机。该产品支持从Web浏览器搜索和处理存储在内容服务器中的文档。 IBM Content Navigator 3.0.11版本、3.0.15版本、3.1.0版本和3.2.0版本存在安全漏洞,该漏洞源于使用应用程序URL时可能暴露应用程序目录列表,可能导致信息泄露。
Description (English)
IBM Contractor Navigator is a Web client of the United States International Business Machine (IBM). The product supports the search and processing of documents stored in content servers from the Web browser. There is a security loophole in IBM Content Navigator, Version 3.011, Version 3.0.15, Version 3.1.0 and Version 3.2.0, which stems from the possibility of exposing the list of application directories when using the application URL, which could lead to the disclosure of information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2025-10-14
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7247854 https://access.redhat.com/security/cve/cve-2025-27906
Patch
https://www.ibm.com/support/pages/node/7247854
Share on: