Refine your search
1 vulnerability found for content_navigator by ibm
CVE-2025-27906 (GCVE-0-2025-27906)
Vulnerability from nvd
Published
2025-10-14 14:08
Modified
2025-10-14 19:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-548 - Exposure of Information Through Directory Listing
Summary
IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Content Navigator |
Version: 3.0.11 Version: 3.0.15 Version: 3.1.0 Version: 3.2.0 cpe:2.3:a:ibm:content_navigator:3.0.11:*:*:*:*:*:*:* cpe:2.3:a:ibm:content_navigator:3.0.15:*:*:*:*:*:*:* cpe:2.3:a:ibm:content_navigator:3.1.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:content_navigator:3.2.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:09:46.865547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:09:55.400Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:content_navigator:3.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:content_navigator:3.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:content_navigator:3.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:content_navigator:3.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Content Navigator",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "3.0.11"
},
{
"status": "affected",
"version": "3.0.15"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified."
}
],
"value": "IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-548",
"description": "CWE-548 Exposure of Information Through Directory Listing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T14:08:42.994Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7247854"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch2\u003eRemediation/Fixes\u003c/h2\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected Product(s)\u003c/td\u003e\u003ctd\u003eVersion(s)\u003c/td\u003e\u003ctd\u003eFix\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Content Navigator\u003c/td\u003e\u003ctd\u003e3.0.11\u003c/td\u003e\u003ctd\u003eICN 3.0.11-IF021\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Content Navigator\u003c/td\u003e\u003ctd\u003e3.0.15\u003c/td\u003e\u003ctd\u003eICN 3.0.15-IF007\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Content Navigator\u003c/td\u003e\u003ctd\u003e3.1.0\u003c/td\u003e\u003ctd\u003eICN 3.1.0-IF6\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Content Navigator\u003c/td\u003e\u003ctd\u003e3.2.0\u003c/td\u003e\u003ctd\u003eICN 3.2.0-IF1\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\n\n\u003cbr\u003e"
}
],
"value": "Remediation/Fixes\n\nAffected Product(s)Version(s)FixIBM Content Navigator3.0.11ICN 3.0.11-IF021IBM Content Navigator3.0.15ICN 3.0.15-IF007IBM Content Navigator3.1.0ICN 3.1.0-IF6IBM Content Navigator3.2.0ICN 3.2.0-IF1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Content Navigator information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-27906",
"datePublished": "2025-10-14T14:08:42.994Z",
"dateReserved": "2025-03-10T17:14:11.135Z",
"dateUpdated": "2025-10-14T19:09:55.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}