IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 Directory Traversal Vulnerability

IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 Directory Traversal Vulnerability

CVE-2016-5970 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Directory traversal vulnerability in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.

Learn more about our Cis Benchmark Audit For Ibm I.