IBM Security Directory Server is a suite of enterprise identity management software from International Business Machines (IBM) that uses the Lightweight Directory Access Protocol (LDAP). The software provides a trusted identity data infrastructure for authentication. A directory traversal vulnerability exists in IBM Security Directory Server version 7.2.0, which stems from a lack of validity checking of the program’s paths when processing directory requests, and can be exploited by an attacker to send a specially crafted URL request to view or write to arbitrary files on the system.
CPE | Name | Operator | Version |
---|---|---|---|
ibm security directory server | eq | 7.2.0 |