Lucene search

[email protected]CVE-2010-4274

HistoryNov 17, 2010 - 1:00 a.m.

CVE-2010-4274

2010-11-1701:00:06

CWE-264

[email protected]

web.nvd.nist.gov

ibm

systems director

6.2.0

common agent

cve-2010-4274

nvd

permissions

local users

system group membership

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership.

Affected configurations

NVD

Node

ibmdirector_agentMatch6.2.0

CPENameOperatorVersion
ibm:director_agentibm director agenteq6.2.0

CPE	Name	Operator	Version
ibm:director_agent	ibm director agent	eq	6.2.0

References

secunia.com/advisories/42239

securitytracker.com/id?1024736

www-01.ibm.com/support/docview.wss?uid=isg1IC71821

www.securityfocus.com/bid/44839

www.vupen.com/english/advisories/2010/2978

exchange.xforce.ibmcloud.com/vulnerabilities/63238

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2010-4274

nvd1 prion1 cvelist1