Vulnerability Description
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Security Access Manager 9.0 Firmware | 9.0.0 |
| Ibm | Security Access Manager For Web 7.0 Firmware | 7.0.0.1 |
| Ibm | Security Access Manager For Web 8.0 Firmware | 8.0.0.1 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780
- http://www-01.ibm.com/support/docview.wss?uid=swg21970510Vendor Advisory
- http://www.securitytracker.com/id/1034560
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780
- http://www-01.ibm.com/support/docview.wss?uid=swg21970510Vendor Advisory
- http://www.securitytracker.com/id/1034560
FAQ
What is CVE-2015-5018?
CVE-2015-5018 is a vulnerability with a CVSS score of 8.0 (HIGH). IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands...
How severe is CVE-2015-5018?
CVE-2015-5018 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-5018?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Access Manager 9.0 Firmware, Ibm Security Access Manager For Web 7.0 Firmware, Ibm Security Access Manager For Web 8.0 Firmware.