IBM Tivoli Endpoint Manager Server 9.0.777 (patch 2) LDAP and AD Authentication
Medium Nessus Plugin ID 70586
SynopsisThe remote host is affected by an authentication-related vulnerability.
DescriptionAccording to its self-reported version, IBM Tivoli Endpoint Manager Server 9.0.777.0 (patch 2) is installed on the remote host. It is, therefore, affected by a vulnerability that could allow an attacker to impersonate any LDAP-authenticated Console user when LDAP and Active Directory authentication is enabled.
SolutionUpgrade to Tivoli Endpoint Manager Server 9.0.787 (patch 4) or later or disable LDAP and Active Directory authentication.