PT-2014-6141 · Ibm · Ibm Security Access Manager For Mobile+1

Publicado

2014-10-03

·

Atualizado

2017-08-29

·

CVE-2014-4823

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions IBM Security Access Manager for Web versions 7.x before 7.0.0-ISS-WGA-IF0009 IBM Security Access Manager for Web versions 8.x before 8.0.0-ISS-WGA-FP0005 IBM Security Access Manager for Mobile versions 8.x before 8.0.0-ISS-ISAM-FP0005
Description The administration console in the affected software allows remote attackers to inject system commands via unspecified vectors.
Recommendations For IBM Security Access Manager for Web versions 7.x before 7.0.0-ISS-WGA-IF0009, update to 7.0.0-ISS-WGA-IF0009 or later. For IBM Security Access Manager for Web versions 8.x before 8.0.0-ISS-WGA-FP0005, update to 8.0.0-ISS-WGA-FP0005 or later. For IBM Security Access Manager for Mobile versions 8.x before 8.0.0-ISS-ISAM-FP0005, update to 8.0.0-ISS-ISAM-FP0005 or later.

Correção

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2014-4823

Produtos afetados

Ibm Security Access Manager For Mobile
Ibm Security Access Manager For Web