CVE-2015-4963

Name of the Vulnerable Software and Affected Versions IBM Security Access Manager for Web versions 7.x before 7.0.0.16 IBM Security Access Manager for Web versions 8.x before 8.0.1.3

Description The issue is related to the mishandling of WebSEAL HTTPTransformation requests, allowing remote attackers to read or write to arbitrary files via unspecified vectors.

Recommendations For IBM Security Access Manager for Web versions 7.x before 7.0.0.16, update to version 7.0.0.16 or later. For IBM Security Access Manager for Web versions 8.x before 8.0.1.3, update to version 8.0.1.3 or later.