A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code.
[
{
"product": "Sterling External Authentication Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.3.01"
},
{
"status": "affected",
"version": "2.4.0"
},
{
"status": "affected",
"version": "and 2.4.1"
}
]
}
]