Computer Security Incident Response Team of Mauritius

Vulnerability in IBM Security Privileged Identity Manager

Severity Rating: Medium

System Affected:

IBM Security Privileged Identity Manager 2.0.2 and 2.1

An arbitrary file-upload vulnerability exists in IBM Security Privileged Identity Manager.

An attacker may leverage this issue to upload arbitrary files to the affected computer which can result in arbitrary code execution within the context of the vulnerable application

Source

Solution

Users are advised to apply updates.

More information is available on:
IBM
http://www-01.ibm.com/support/docview.wss?uid=swg21996614

Vendor Information

IBM

http://www.ibm.com/us-en

CVE Information
CVE-2016-5990

References

Security Focus

http://www.securityfocus.com/bid/95199/info

Contact Information

E-mail: contact@cert.ncb.mu

Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis

Top Link Bar

VN-2017-2

Subscribe to newsletter