CyberSec.Space Logo
Back to CVE Browser

CVE-2017-1407

HIGH
8.8
CVSS Severity Score
EPSS Score0.0360%
EPSS Percentile5.81th
PublishedSep 28, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 127394.

Affected Platforms (CPE)

πŸ“¦
Ibm

Security Identity Governance And Intelligence

= 5.2.0
πŸ“¦
Ibm

Security Identity Governance And Intelligence

= 5.2.1
πŸ“¦
Ibm

Security Identity Manager

= 6.0.0.0
πŸ“¦
Ibm

Security Identity Manager

= 7.0.0.0
πŸ“¦
Ibm

Security Privileged Identity Manager

= 2.0.0
πŸ“¦
Ibm

Security Privileged Identity Manager

= 2.0.1
πŸ“¦
Ibm

Security Privileged Identity Manager

= 2.0.2

References & Advisories

πŸ”— http://www.ibm.com/support/docview.wss?uid=swg22007377
πŸ”— http://www.securityfocus.com/bid/101015
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/127394
πŸ”— http://www.ibm.com/support/docview.wss?uid=swg22007377
πŸ”— http://www.securityfocus.com/bid/101015
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/127394

Related Vulnerabilities

CVE-2020-49589.8

IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a prov...

CVE-2020-47958.2

IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a speci...

CVE-2018-17567.5

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send s...

CVE-2020-42327.5

IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credent...