CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
5.1%
IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 does not properly restrict encrypted files, which allows local users to obtain sensitive information or possibly have unspecified other impact via a (1) download or (2) upload action.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | tivoli_directory_server | 6.0 | cpe:2.3:a:ibm:tivoli_directory_server:6.0:*:*:*:*:*:*:* |
ibm | tivoli_directory_server | 6.1.0 | cpe:2.3:a:ibm:tivoli_directory_server:6.1.0:*:*:*:*:*:*:* |
ibm | tivoli_directory_server | 6.2.0.0 | cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.0:*:*:*:*:*:*:* |
ibm | tivoli_directory_server | 6.3.0.0 | cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.0:*:*:*:*:*:*:* |
ibm | tivoli_directory_server | 6.3.1.0 | cpe:2.3:a:ibm:tivoli_directory_server:6.3.1.0:*:*:*:*:*:*:* |
ibm | tivoli_directory_server | 6.4.0 | cpe:2.3:a:ibm:tivoli_directory_server:6.4.0:*:*:*:*:*:*:* |