CVE-2016-6104
published 2017-02-07CVE-2016-6104: IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions…
high7.2CVSS 3.0
AVNACLPRHUINSUCHIHAH
IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions, which could allow the attacker to execute arbitrary code on the vulnerable system.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm_corporation | key_lifecycle_manager | — | — |
| ibm_corporation | key_lifecycle_manager | — | — |
| ibm_corporation | key_lifecycle_manager | — | — |
| ibm_corporation | key_lifecycle_manager | — | — |
| ibm_corporation | key_lifecycle_manager | — | — |