CVE-2015-4963

Currently unrated

Key Information:

Vendor
IBM
Status
Security Access Manager For Web
Vendor
CVE Published:
8 November 2015

Summary

IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before 8.0.1.3 mishandles WebSEAL HTTPTransformation requests, which allows remote attackers to read or write to arbitrary files via unspecified vectors.

References

http://www.securitytracker.com/id/1034103
vdb-entryx_refsource_SECTRACK
http://www-01.ibm.com/support/docview.wss?uid=swg21964828
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg1IV71196
vendor-advisoryx_refsource_AIXAPAR

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.