← Volver a CVEs
CVE-2016-6104
N/ADescripcion
IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions, which could allow the attacker to execute arbitrary code on the vulnerable system.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado2/7/2017
Ultima modificacion4/20/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
ibm:security_key_lifecycle_manager
Debilidades (CWE)
CWE-434
Referencias
http://www.ibm.com/support/docview.wss?uid=swg21997988(psirt@us.ibm.com)
http://www.securityfocus.com/bid/95980(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=swg21997988(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/95980(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.