PT-2015-5525 · Ibm · Ibm Tivoli Security Directory Server

Published

2015-06-28

Updated

2016-12-30

CVE-2015-1974

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions IBM Tivoli Security Directory Server versions 6.0 through 6.0 before iFix 75 IBM Tivoli Security Directory Server versions 6.1 through 6.1 before iFix 68 IBM Tivoli Security Directory Server versions 6.2 through 6.2 before iFix 44 IBM Tivoli Security Directory Server versions 6.3 through 6.3 before iFix 37 IBM Tivoli Security Directory Server versions 6.3.1 through 6.3.1 before iFix 11 IBM Tivoli Security Directory Server versions 6.4 through 6.4 before iFix 2

Description The web administration tool in IBM Tivoli Security Directory Server allows remote authenticated users to bypass intended command restrictions.

Recommendations Apply iFix 75 for version 6.0 Apply iFix 68 for version 6.1 Apply iFix 44 for version 6.2 Apply iFix 37 for version 6.3 Apply iFix 11 for version 6.3.1 Apply iFix 2 for version 6.4

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2015-1974

Affected Products

Ibm Tivoli Security Directory Server

PT-2015-5525 · Ibm · Ibm Tivoli Security Directory Server

CVE-2015-1974

Weakness Enumeration

Related Identifiers

Affected Products

References · 4