CVE-2016-8932
published 2017-02-01CVE-2016-8932: IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable…
high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| libarchive | libarchive | >= 0 < 3.1.2-7ubuntu2.3 | 3.1.2-7ubuntu2.3 |
| libarchive | libarchive | >= 0 < 3.1.2-11ubuntu0.16.04.2 | 3.1.2-11ubuntu0.16.04.2 |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv6.5MEDIUM