Path Traversal in Rocketsoftware Rocket_servergraph
CVE-2014-3914
Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager (TSM) in Rocket ServerGraph 1.2 allows remote attackers to (1) create arbitrary files via a .. (dot dot) in the query parameter in a writeDataFile action to t…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.837 (99.3th percentile) — read the EPSS interpretation.
Affected products
- Rocketsoftware Rocket_servergraph — versions 1.2
- N/a — versions n/a
Weakness classification (CWE)
Public proof-of-concept exploits
References
- cve@mitre.org (x_refsource_MISC)
- 33807 (Exploit, exploit, x_refsource_EXPLOIT-DB)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)
Frequently asked questions
- What is CVE-2014-3914?
- CVE-2014-3914 is a vulnerability in Rocketsoftware Rocket_servergraph, classified under Path Traversal. Published 2014-08-07.
- Is CVE-2014-3914 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.