Arbitrary OS Command Execution via LMI Access in IBM Security Access Manager
CVE-2015-5018 · HIGH Severity
AV:N/AC:M/AU:S/C:C/I:C/A:C
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.
Learn more about our Web App Pen Testing.