IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash.
Max CVSS
5.5
EPSS Score
0.04%
Published
2017-02-08
Updated
2019-02-04
IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 does not properly restrict encrypted files, which allows local users to obtain sensitive information or possibly have unspecified other impact via a (1) download or (2) upload action.
Max CVSS
4.6
EPSS Score
0.04%
Published
2015-06-28
Updated
2016-12-28
IDSWebApp in the Web Administration Tool in IBM Tivoli Directory Server (TDS) 6.2 before 6.2.0.3-TIV-ITDS-IF0004 does not require authentication for access to LDAP Server log files, which allows remote attackers to obtain sensitive information via a crafted URL.
Max CVSS
5.0
EPSS Score
0.21%
Published
2011-07-17
Updated
2011-07-19
The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) before 6.0.0.8-TIV-ITDS-IF0006 allows remote attackers to cause a denial of service (daemon crash) via multiple incomplete DIGEST-MD5 connection attempts.
Max CVSS
5.0
EPSS Score
4.18%
Published
2010-08-02
Updated
2017-08-17
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!