CVE-2016-5990
https://notcve.org/view.php?id=CVE-2016-5990
IBM Security Privileged Identity Manager Virtual Appliance allows an authenticated user to upload malicious files that would be automatically executed by the server. IBM Security Privileged Identity Manager Virtual Appliance permite a un usuario autenticado cargar archivos maliciosos que serían ejecutados automáticamente por el servidor. • http://www.ibm.com/support/docview.wss?uid=swg21996614 http://www.securityfocus.com/bid/95199 • CWE-284: Improper Access Control •
CVE-2016-5988
https://notcve.org/view.php?id=CVE-2016-5988
IBM Security Privileged Identity Manager Virtual Appliance could disclose sensitive information in generated error messages that would be available to an authenticated user. IBM Security Privileged Identity Manager Virtual Appliance podría revelar información sensible en mensajes de error generados que estarían disponibles para un usuario autenticado. • http://www.ibm.com/support/docview.wss?uid=swg21996614 http://www.securityfocus.com/bid/95198 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •