Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2016-2914

Unrestricted file upload vulnerability in the Document Builder in IBM Rational Publishing Engine (aka RPENG) 2.0.1 before ifix002 allows remote authenticated users to execute arbitrary code by specifying an unexpected file extension.

Published: Aug 8, 2016
Updated: Nov 9, 2025
CVE: CVE-2016-2914
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.5
AV:N/AC:L/Au:S/C:N/I:P/A:P

CWEs:

CWE-434

Affected Software
References

Software	From	Fixed in
ibm / engineering_lifecycle_optimization_-_publishing	2.0.1	2.0.1.x

http://www-01.ibm.com/support/docview.wss?uid=swg21988263
http://www.securityfocus.com/bid/92334

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo