IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote malicious user to upload arbitrary files, caused by the improper validation of file extensions, which could allow the malicious user to execute arbitrary code on the vulnerable system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm security key lifecycle manager 2.5.0.1 |
||
ibm security key lifecycle manager 2.5.0.2 |
||
ibm security key lifecycle manager 2.5.0.3 |
||
ibm security key lifecycle manager 2.5.0.4 |
||
ibm security key lifecycle manager 2.5.0 |
||
ibm security key lifecycle manager 2.5.0.6 |
||
ibm security key lifecycle manager 2.6.0 |
||
ibm security key lifecycle manager 2.6.0.2 |
||
ibm security key lifecycle manager 2.5.0.0 |
||
ibm security key lifecycle manager 2.5.0.5 |
||
ibm security key lifecycle manager 2.5.0.7 |
||
ibm security key lifecycle manager 2.6.0.1 |