Arbitrary Code Execution Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5 and 2.6

Arbitrary Code Execution Vulnerability in IBM Tivoli Key Lifecycle Manager 2.5 and 2.6

CVE-2016-6104 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions, which could allow the attacker to execute arbitrary code on the vulnerable system.

Learn more about our Web Application Penetration Testing UK.