Search Results (Refine Search)
- CPE Product Version: cpe:/a:ibm:tivoli_directory_server:6.3.0.17
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-1976 |
IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash. Published: February 08, 2017; 5:59:00 PM -0500 |
V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2015-1977 |
Directory traversal vulnerability in the Web Administration tool in IBM Tivoli Directory Server (ITDS) before 6.1.0.74-ISS-ISDS-IF0074, 6.2.x before 6.2.0.50-ISS-ISDS-IF0050, and 6.3.x before 6.3.0.43-ISS-ISDS-IF0043 and IBM Security Directory Server (ISDS) before 6.3.1.18-ISS-ISDS-IF0018 and 6.4.x before 6.4.0.9-ISS-ISDS-IF0009 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. Published: July 15, 2016; 2:59:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2015-0138 |
GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server (ISDS) 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204. Published: March 24, 2015; 9:59:17 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |