IBM » Tivoli Management Framework : Security Vulnerabilities, CVEs, Published In 2000
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
Max CVSS
9.0
EPSS Score
0.32%
Published
2000-12-31
Updated
2017-07-20
1 vulnerabilities found