← Voltar para CVEs
CVE-2016-6104
N/ADescricao
IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions, which could allow the attacker to execute arbitrary code on the vulnerable system.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado2/7/2017
Ultima modificacao4/20/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
ibm:security_key_lifecycle_manager
Fraquezas (CWE)
CWE-434
Referencias
http://www.ibm.com/support/docview.wss?uid=swg21997988(psirt@us.ibm.com)
http://www.securityfocus.com/bid/95980(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=swg21997988(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/95980(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.