2016-03-18 14:00:00
mitre
PUBLISHED
IBM Tivoli NetView Access Services (NVAS) allows remote authenticated users to gain privileges by entering the ADM command and modifying a "page ID" field to the EMSPG2 transaction code. NOTE: the vendors perspective is that configuration and use of available security controls in the NVAS product mitigates the reported vulnerability