LDAP Injection Vulnerability in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005

LDAP Injection Vulnerability in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005

CVE-2015-7466 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended query restrictions or modify the LDAP directory, via unspecified vectors.

Learn more about our Cis Benchmark Audit For Ibm I.