Remote Code Execution Vulnerability in IBM Tivoli Endpoint
CVE-2011-2330

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Management Framework
Vendor: CVE Published:; 2 June 2011

What is CVE-2011-2330?

The vulnerability in IBM Tivoli Endpoint within the Tivoli Management Framework exposes an insecure built-in account, allowing remote attackers to access restricted pages and send unwanted requests via TCP port 9495. This flaw facilitates potential exploitation through remote code execution, emphasizing the need for prompt remediation measures by affected organizations.

References

http://securityreason.com/securityalert/8268

third-party-advisoryx_refsource_SREASON

http://www-01.ibm.com/support/docview.wss?uid=swg21499146

x_refsource_MISC

http://zerodayinitiative.com/advisories/ZDI-11-169/

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2011
Vulnerability Reserved
Jun 2, 2011