PatchSiren cyber security CVE debrief
CVE-2015-1976 IBM CVE debrief
CVE-2015-1976 concerns IBM Security Directory Server and related Tivoli Directory Server versions where an authenticated user could execute commands into the web administration tool and cause it to crash. NVD rates the issue as medium severity with a local attack vector and high availability impact, so systems that expose the admin interface to authenticated users should be reviewed promptly.
- Vendor: IBM
- Product: CVE-2015-1976
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-02-08
- Original CVE updated: 2026-05-13
- Advisory published: 2017-02-08
- Advisory updated: 2026-05-13
Who should care
IBM Security Directory Server and Tivoli Directory Server administrators, especially teams that manage the web administration tool and any environment where authenticated users can reach it. Security operations should also care if legacy directory server versions remain in service.
Technical summary
NVD classifies this issue as CVSS 3.0 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) and maps it to CWE-284. The published record states that an authenticated user could execute commands into the web administration tool, resulting in a crash. NVD lists vulnerable IBM Security Directory Server versions 6.3.0.0 through 6.3.1.15 and 6.4.0.0 through 6.4.0.6, plus IBM Tivoli Directory Server versions 6.0 through 6.0.0.77, 6.1.0 through 6.1.0.72, 6.2.0.0 through 6.2.0.48, and 6.3.0.0 through 6.3.0.41.
Defensive priority
Medium. The issue requires authenticated local access, but it can fully disrupt availability of the web administration tool. Prioritize remediation where directory administration interfaces are reachable by broader internal user groups or where affected legacy versions are still deployed.
Recommended defensive actions
- Confirm whether any installed IBM Security Directory Server or Tivoli Directory Server instances match the vulnerable version ranges listed by NVD.
- Apply the IBM PSIRT patch or vendor remediation referenced in the IBM advisory linked from the NVD record.
- Restrict access to the web administration tool to the smallest possible administrative set and remove unnecessary authenticated access paths.
- Review authentication and administration logs for unusual command activity or unexplained crashes affecting the web administration interface.
- Plan upgrades off legacy Directory Server and Tivoli Directory Server versions that NVD lists as affected.
- Use least-privilege administration roles and segment directory administration interfaces from general user networks.
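One way to carry out the first action above is to check an inventory export against the version ranges NVD lists. This is an added example, not IBM or NVD tooling; the function names and inventory rows are constructed for illustration, and the ranges are treated as inclusive at both ends.

```python
import re

# Affected ranges as quoted from the NVD record in the technical summary.
AFFECTED = {
    "security directory server": [("6.3.0.0", "6.3.1.15"), ("6.4.0.0", "6.4.0.6")],
    "tivoli directory server": [
        ("6.0", "6.0.0.77"), ("6.1.0", "6.1.0.72"),
        ("6.2.0.0", "6.2.0.48"), ("6.3.0.0", "6.3.0.41"),
    ],
}

def parse_version(text):
    """Turn '6.3.0.41' into (6, 3, 0, 41), padded to four fields."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){0,3}", text):
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def is_affected(product, version):
    """True if product/version falls inside a range listed for CVE-2015-1976."""
    name = re.sub(r"^ibm\s+", "", product.strip().lower())
    ranges = AFFECTED.get(name)
    if ranges is None:
        return False  # not one of the two product lines in the record
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in ranges)

def triage(inventory):
    """Split (host, product, version) rows into affected, clear and unparsed."""
    result = {"affected": [], "clear": [], "unparsed": []}
    for host, product, version in inventory:
        try:
            key = "affected" if is_affected(product, version) else "clear"
        except ValueError:
            key = "unparsed"  # review by hand rather than assume it is safe
        result[key].append(host)
    return result

# Constructed inventory rows (hypothetical hosts), for illustration only.
SAMPLE = [
    ("ldap-a", "IBM Security Directory Server", "6.3.1.15"),
    ("ldap-b", "IBM Security Directory Server", "6.3.1.16"),
    ("ldap-c", "IBM Tivoli Directory Server", "6.1"),
    ("ldap-d", "IBM Tivoli Directory Server", "6.3.0.42"),
    ("ldap-e", "Tivoli Directory Server", "6.2.0.x"),
]
```

Rows that land in `unparsed` carry a version string the check could not read and should be confirmed by hand, since the product name decides which set of ranges applies.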
Evidence notes
The debrief is based only on the supplied NVD record and its linked references. NVD published the CVE record on 2017-02-08 and last modified it on 2026-05-13. The record includes an IBM vendor advisory reference (swg21980585) and a SecurityFocus third-party advisory entry (BID 90526), along with the vulnerable CPE/version ranges and CVSS/CWE data.
Official resources
- CVE-2015-1976 CVE record (CVE.org)
- CVE-2015-1976 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference: Patch, Vendor Advisory
- Mitigation or vendor reference: Third Party Advisory, VDB Entry
NVD published the CVE record on 2017-02-08 and modified it on 2026-05-13. The supplied corpus does not list it in CISA KEV.