This page lists publicly disclosed CVE vulnerabilities affecting ibm director (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2009-0880 | Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request. | [email protected] | 6.8 | 31.60% | 2009-03-12 | 2026-04-23 |
| CVE-2009-0879 | The CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to cause a denial of service (daemon crash) via a long consumer name, as demonstrated by an M-POST request to a long /CIMListener/ URI. | [email protected] | 5.0 | 8.22% | 2009-03-12 | 2026-04-23 |
| CVE-2007-5612 | CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections. | [email protected] | 7.8 | 2.39% | 2007-11-21 | 2026-04-23 |
| CVE-2006-4683 | IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE. | [email protected] | 5.0 | 1.33% | 2006-09-11 | 2026-04-16 |
| CVE-2006-4682 | Multiple unspecified vulnerabilities in IBM Director before 5.10 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving (1) malformed WMI CIM server requests and (2) malformed packets. | [email protected] | 5.0 | 1.52% | 2006-09-11 | 2026-04-16 |
| CVE-2006-4681 | Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the file parameter. | [email protected] | 5.0 | 3.58% | 2006-09-11 | 2026-04-16 |