IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.
[
{
"product": "Tivoli Monitoring V6",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.2.3.5"
},
{
"status": "affected",
"version": "6.2.2.9"
},
{
"status": "affected",
"version": "6.3.0.7"
}
]
}
]