CVE-2015-1975
Summary
| CVE | CVE-2015-1975 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-04-03 22:29:00 UTC |
| Updated | 2018-05-10 14:21:00 UTC |
| Description | The web administration tool in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, and 6.3 before iFix 37 and IBM Security Directory Server 6.3.1 before iFix 11 and 6.4 before iFix 2 allows local users to gain privileges via vectors related to argument injection. IBM X-Force ID: 103694. |
Risk And Classification
Problem Types: CWE-74
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Tivoli Directory Server | 6.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.1.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.2.0.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.3.0.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.3.1.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.4.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.1.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.2.0.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.3.0.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.3.1.0 | All | All | All |
| Application | Ibm | Tivoli Directory Server | 6.4.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | VDB Entry, Vendor Advisory |
| IBM Security Directory Server CVE-2015-1975 Remote Security Bypass Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| IBM Security Bulletin: Multiple Vulnerabilities fixed in IBM Security Directory Server - United States | CONFIRM | www-01.ibm.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.