Multiple serious vulnerabilities have been found in IBM Director. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities

1. Vectors related to CIM server can be exploited remotely via a specially designed consumer name;
2. A directory traversal vulnerability can be exploited remotely via a specially designed URI.

IBM Director versions 5.20.3 SP 1 and earlier

Update to latest version

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/8190