IBM Sterling Partner Engagement Manager is an automation management tool from IBM U.S.A. An LDAP injection vulnerability exists in IBM Sterling Partner Engagement Manager, which stems from the fact that some parameters in the code are not properly filtered and can be exploited by an authenticated attacker to cause privileges to be granted to unauthorized resources.