Vulnerability Details CVE-2015-7466
Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended query restrictions or modify the LDAP directory, via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.0%
CVSS Severity
CVSS v3 Score 3.1
CVSS v2 Score 4.0
References
Products affected by CVE-2015-7466
-
cpe:2.3:a:ibm:jazz_reporting_service:6.0