CVE 2016-5963
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 does not properly validate updates, which allows remote authenticated users to execute arbitrary code via unspecified vectors.
See the
CVE page on Mitre.org
for more details.