Arbitrary Command Execution Vulnerability in IBM Security Identity Manager Virtual Appliance 6.0 and 7.0

Arbitrary Command Execution Vulnerability in IBM Security Identity Manager Virtual Appliance 6.0 and 7.0

CVE-2017-1407 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 127394.

Learn more about our Web Application Penetration Testing UK.