IBM InfoSphere Optim Test Data Fabrication <1.0.2.7 Dir Traversal File Read
CVE-2026-3366 Published on May 27, 2026
InfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read
IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system
Vulnerability Analysis
CVE-2026-3366 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is a Directory traversal Vulnerability?
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
CVE-2026-3366 has been classified to as a Directory traversal vulnerability or weakness.
Products Associated with CVE-2026-3366
Want to know whenever a new CVE is published for IBM Infosphere Optim Test Data Fabrication? stack.watch will email you.
Affected Versions
IBM InfoSphere Optim Test Data Fabrication:- Version 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7, <= 1.8.4 is affected.