SymmetricalDataSecurity: IBM Security Bulletin: A command injection vulnerability has been identified in IBM Security Access Manager for Web appliances (CVE-2016-3028)

Monday, September 26, 2016

IBM Security Bulletin: A command injection vulnerability has been identified in IBM Security Access Manager for Web appliances (CVE-2016-3028)

A vulnerability in IBM Security Access Manager for Web could allow a remote authenticated attacker with admin access to the LMI to execute arbitrary commands on the system.

CVE(s): CVE-2016-3028

Affected product(s) and affected version(s):

IBM Security Access Manager for Web 7.0 appliances

IBM Security Access Manager for Web 8.0, all firmware versions

IBM Security Access Manager 9.0, all firmware versions

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2cwpteU
X-Force Database: http://ift.tt/2dmagD6

from IBM Product Security Incident Response Team http://ift.tt/2cwoyL7

SymmetricalDataSecurity

Monday, September 26, 2016

IBM Security Bulletin: A command injection vulnerability has been identified in IBM Security Access Manager for Web appliances (CVE-2016-3028)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews