3 matches found
Security Bulletin: IBM Security Key Lifecycle Manager is affected by Path Traversal vulnerability (CVE-2017-1671)
Summary IBM Security Key Lifecycle Manager could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. Vulnerability Details CVEID: CVE-2017-1671 DESCRIPTION:...
CVE-2017-1671
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 133638...
CVE-2017-1671
CVE-2017-1671 affects IBM Security Key Lifecycle Manager (Tivoli Key Lifecycle Manager) with a path traversal vulnerability in versions 2.5–2.5.0.8, 2.6–2.6.0.3, and 2.7–2.7.0.2. A remote attacker can trigger directory traversal by crafting URL requests containing dot-dot sequences (/../) to view...