CVE-2016-6124

Summary

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationKenexa LMS on Cloud13.0affected
IBM CorporationKenexa LMS on Cloud13.1affected
IBM CorporationKenexa LMS on Cloud13.2affected
IBM CorporationKenexa LMS on Cloud13.2.2affected
IBM CorporationKenexa LMS on Cloud13.2.3affected
IBM CorporationKenexa LMS on Cloud13.2.4affected
IBM CorporationKenexa LMS on Cloud14.0.0affected
IBM CorporationKenexa LMS on Cloud14.1.0affected
IBM CorporationKenexa LMS on Cloud14.2.0affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References