CVE-2016-6104
N/A
N/A
Summary
IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions, which could allow the attacker to execute arbitrary code on the vulnerable system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM Corporation | Key Lifecycle Manager | 2.5 | affected |
| IBM Corporation | Key Lifecycle Manager | 1.0 | affected |
| IBM Corporation | Key Lifecycle Manager | 2.0 | affected |
| IBM Corporation | Key Lifecycle Manager | 2.0.1 | affected |
| IBM Corporation | Key Lifecycle Manager | 2.6 | affected |
Weaknesses
- Gain Access
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.