Jun 16, 2018 - 9:44 p.m.

Security Bulletin: A security vulnerability has been identified in IBM Tivoli / Security Directory Server

www.ibm.com

EPSS: 0.003 (percentile: 68.4%)

Summary

The Web Administration tool shipped with IBM Tivoli / Security Directory Server is susceptible to a path traversal issue.

Vulnerability Details

**CVEID:** CVE-2015-1977
**DESCRIPTION:** IBM Security Directory Server could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/103696 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Affected Products and Versions

IBM Tivoli Directory Server Version 6.1.0.73 and earlier
IBM Tivoli Directory Server Version 6.2.0.49 and earlier
IBM Tivoli Directory Server Version 6.3.0.42 and earlier
IBM Security Directory Server Version 6.3.1.17 and earlier
IBM Security Directory Server Version 6.4.0.8 and earlier

Remediation/Fixes

Product | Fix
---|---
ITDS 6.1 | 6.1.0.74-ISS-ISDS-IF0074
ITDS 6.2 | 6.2.0.50-ISS-ISDS-IF0050
ITDS 6.3 | 6.3.0.43-ISS-ISDS-IF0043
ISDS 6.3.1 | 6.3.1.18-ISS-ISDS-IF0018
ISDS 6.4 | 6.4.0.9-ISS-ISDS-IF0009
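
A triage helper for the affected-version list and fix table above, added here as an example and not part of IBM's bulletin: it takes already-collected four-part version strings and reports whether each falls in an affected range and which interim fix the bulletin lists for it. The function names and the sample inventory are assumptions; levels are compared numerically so that 6.4.0.10 is not mistaken for something older than 6.4.0.8.

```python
import re

# Release stream -> (last affected level, interim fix), copied from the bulletin.
FIXES = {
    (6, 1, 0): (73, "6.1.0.74-ISS-ISDS-IF0074"),
    (6, 2, 0): (49, "6.2.0.50-ISS-ISDS-IF0050"),
    (6, 3, 0): (42, "6.3.0.43-ISS-ISDS-IF0043"),
    (6, 3, 1): (17, "6.3.1.18-ISS-ISDS-IF0018"),
    (6, 4, 0): (8, "6.4.0.9-ISS-ISDS-IF0009"),
}

VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)$")


def assess(version):
    """Return (status, fix) for a four-part version string.

    status is 'affected', 'fixed', 'unlisted' (stream not in the bulletin)
    or 'invalid' (not a four-part numeric version).
    """
    match = VERSION_RE.match(version.strip())
    if not match:
        return ("invalid", None)
    *stream, level = (int(part) for part in match.groups())
    entry = FIXES.get(tuple(stream))
    if entry is None:
        return ("unlisted", None)
    last_affected, fix = entry
    # Integer comparison: a string compare would rank "10" below "8".
    if level <= last_affected:
        return ("affected", fix)
    return ("fixed", None)


def triage(inventory):
    """Map host -> (status, fix) for an inventory of host -> version."""
    return {host: assess(version) for host, version in inventory.items()}


# Constructed sample inventory; hostnames and versions are made up.
SAMPLE = {"ldap-a": "6.3.0.42", "ldap-b": "6.4.0.10", "ldap-c": "6.0.0.5"}

if __name__ == "__main__":
    for host, (status, fix) in sorted(triage(SAMPLE).items()):
        print(f"{host}: {status}" + (f", apply {fix}" if fix else ""))
```

An 'unlisted' result means the bulletin says nothing about that release stream, not that the installation is unaffected.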

Workarounds and Mitigations

None
