Test ID:	1.3.6.1.4.1.25623.1.0.103768
Category:	Web application abuses
Title:	IBM 1754 GCM16 and GCM32 Global Console Managers Multiple Command Execution Vulnerabilities
Summary:	IBM 1754 GCM16 and GCM32 Global Console Managers are prone to multiple; command-execution vulnerabilities because they fail to sanitize user-supplied input.
Description:	Summary: IBM 1754 GCM16 and GCM32 Global Console Managers are prone to multiple command-execution vulnerabilities because they fail to sanitize user-supplied input. Vulnerability Insight: IBM 1754 GCM16 and GCM32 versions 1.18.0.22011 and below contain a flaw that allows a remote authenticated user to execute unauthorized commands as root. This flaw exists because webapp variables are not sanitized. Vulnerability Impact: Successful exploit of these issues may allow an attacker to execute arbitrary commands with the privileges of the root user. Affected Software/OS: IBM 1754 GCM16 Global Console Manager 1.18.0.22011 and prior IBM 1754 GCM32 Global Console Manager 1.18.0.22011 and prior. Solution: Updates (Version 1.18.0.22011) are available. CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0526 http://www.bitcloud.es/2013/08/vulnerabilidad-en-kvms-gcm1632-de-ibm.html XForce ISS Database: gcm-cve20130526-command-exec(85367) https://exchange.xforce.ibmcloud.com/vulnerabilities/85367
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.