Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 prior to 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended query restrictions or modify the LDAP directory, via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm jazz reporting service 6.0 |