3 matches found
Security Bulletin: IBM Security Access Manager for Web is affected by a command injection vulnerability (CVE-2015-5018)
Summary IBM Security Access Manager for Web allows attackers to run arbitrary commands on the Operating System of the appliance. An attacker with access to the LMI could use a command injection attack to gain elevated access to the appliance. Vulnerability Details CVEID: CVE-2015-5018 DESCRIPTION...
CVE-2015-5018
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface LMI access...
CVE-2015-5018
CVE-2015-5018 affects IBM Security Access Manager for Web (ISAM) on Web-based appliances: versions 7.0 before FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 are vulnerable to a command-injection via Local Management Interface (LMI) that enables remote authenticated users to execute arbi...