IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users Inject Commands on the Target System.
IBM Tivoli Netcool Reporter prior to 18.104.22.168
A vulnerability was reported in IBM Tivoli Netcool Reporter.
A remote user can execute arbitrary code on the target system. A remote user can send specially crafted data to execute arbitrary commands on the target system. The code will run with the privileges of the target web service
A remote user can execute arbitrary code on the target system.
The vendor has issued a fix, Tivoli Netcool Reporter Support and Downloads .