CVE-2025-27906

Summary

IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified.

Affected Software

VendorProductVersion RangeStatus
IBMContent Navigator3.0.11affected
IBMContent Navigator3.0.15affected
IBMContent Navigator3.1.0affected
IBMContent Navigator3.2.0affected

Weaknesses

  • CWE-548: CWE-548 Exposure of Information Through Directory Listing

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References