Arbitrary OS Command Execution via LMI Access in IBM Security Access Manager

CVE-2015-5018 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.

Learn more about our Web App Pen Testing.