Unrestricted Encrypted File Access in IBM Tivoli Security Directory Server

Unrestricted Encrypted File Access in IBM Tivoli Security Directory Server

CVE-2015-1959 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 does not properly restrict encrypted files, which allows local users to obtain sensitive information or possibly have unspecified other impact via a (1) download or (2) upload action.

Learn more about our Cis Benchmark Audit For Server Software.