Vulnerability in Ibm Tivoli_management_framework
CVE-2011-2330
Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified "built-in account" that is "trivially" accessed, which makes it easier for remote attackers to send requests to restricted pages via a sessi…
EPSS: 0.016 (82.3th percentile) — read the EPSS interpretation.
Affected products
- Ibm Tivoli_management_framework — versions 3.7.1, 4.1, 4.1.1
- N/a — versions n/a
Weakness classification (CWE)
References
- 8268 (x_refsource_SREASON, third-party-advisory)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)
- 20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)
- tivoli-framework-endpoint-code-exec(67858) (vdb-entry, x_refsource_XF)