3 matches found
Security Bulletin: IBM Security Network Protection is affected by Shell Command Injection vulnerability (CVE-2014-6183)
Summary A Shell Command Injection vulnerability has been discovered in IBM Security Network Protection. Vulnerability Details CVE-ID: CVE-2014-6183 Description: IBM Security Network Protection could allow a remote attacker to execute arbitrary commands on the system. An authenticated attacker cou...
IBM Network Security Protection XGS Remote Code Execution (swg21690823) (credentialed check)
The firmware version installed on the remote IBM XGS appliance does not properly sanitize certain user-supplied inputs which can allow a remote, authenticated attacker to execute shell commands with the privileges of the 'www-data' user via a standard HTTP request. C Tenable Network Security, Inc...
CVE-2014-6183
CVE-2014-6183 affects IBM Security Network Protection (XGS) models 3100/4100/5100/7100. A remote authenticated attacker could inject and execute arbitrary shell commands due to a shell command injection vulnerability in firmware ranges 5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2, and 5.3. Remediation consist...