ID de Prueba:	1.3.6.1.4.1.25623.1.0.103768
Categoría:	Web application abuses
Título:	IBM 1754 GCM16 and GCM32 Global Console Managers Multiple Command Execution Vulnerabilities
Resumen:	IBM 1754 GCM16 and GCM32 Global Console Managers are prone to multiple; command-execution vulnerabilities because they fail to sanitize user-supplied input.
Descripción:	Summary: IBM 1754 GCM16 and GCM32 Global Console Managers are prone to multiple command-execution vulnerabilities because they fail to sanitize user-supplied input. Vulnerability Insight: IBM 1754 GCM16 and GCM32 versions 1.18.0.22011 and below contain a flaw that allows a remote authenticated user to execute unauthorized commands as root. This flaw exists because webapp variables are not sanitized. Vulnerability Impact: Successful exploit of these issues may allow an attacker to execute arbitrary commands with the privileges of the root user. Affected Software/OS: IBM 1754 GCM16 Global Console Manager 1.18.0.22011 and prior IBM 1754 GCM32 Global Console Manager 1.18.0.22011 and prior. Solution: Updates (Version 1.18.0.22011) are available. CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0526 http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html XForce ISS Database: gcm-cve20130526-command-exec(85367) https://exchange.xforce.ibmcloud.com/vulnerabilities/85367
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.