The host is installed with IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 and is prone to multiple SQL injection vulnerabilities. The flaws are present in the application, which fails to handle specially-crafted SQL statements. Successful exploitation allows remote attackers to execute arbitrary SQL commands.