CVE-2018-1453

Name of the Vulnerable Software and Affected Versions IBM Security Identity Manager Virtual Appliance version 7.0

Description The issue allows an authenticated attacker to upload or transfer files of dangerous types that can be automatically processed within the environment.

Recommendations For IBM Security Identity Manager Virtual Appliance version 7.0, consider restricting file uploads to only safe and necessary file types until a patch is available. As a temporary workaround, implement additional validation and sanitization for uploaded files to prevent automatic processing of dangerous file types.