cbcvebase.
CVE-2015-5018
published 2016-01-02

CVE-2015-5018: IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote…

high8CVSS 3.0
AVNACHPRHUINSCCHIHAH
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.

Affected

25 ranges
VendorProductVersion rangeFixed in
ibmsecurity_access_manager_9.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_7.0_firmware
ibmsecurity_access_manager_for_web_8.0_firmware
ibmsecurity_access_manager_for_web_8.0_firmware
ibmsecurity_access_manager_for_web_8.0_firmware
ibmsecurity_access_manager_for_web_8.0_firmware
ibmsecurity_access_manager_for_web_8.0_firmware
ibmsecurity_access_manager_for_web_8.0_firmware
ibmsecurity_access_manager_for_web_8.0_firmware
ibmsecurity_access_manager_for_web_8.0_firmware