Lucene search

[email protected]CVE-2011-3123

HistoryAug 10, 2011 - 8:55 p.m.

CVE-2011-3123

2011-08-1020:55:00

CWE-264

[email protected]

web.nvd.nist.gov

ibm

infosphere

information server

datastage

unix

linux

cve-2011-3123

local privilege escalation

security vulnerability

7.2 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

CPENameOperatorVersion
ibm:infosphere_datastageibm infosphere datastageeq8.5
ibm:infosphere_datastageibm infosphere datastageeq8.5.0.1
ibm:infosphere_information_serveribm infosphere information servereq8.5
ibm:infosphere_information_serveribm infosphere information servereq8.5.0.1

CPE	Name	Operator	Version
ibm:infosphere_datastage	ibm infosphere datastage	eq	8.5
ibm:infosphere_datastage	ibm infosphere datastage	eq	8.5.0.1
ibm:infosphere_information_server	ibm infosphere information server	eq	8.5
ibm:infosphere_information_server	ibm infosphere information server	eq	8.5.0.1

References

secunia.com/advisories/45036

www-01.ibm.com/support/docview.wss?uid=swg1JR39769

www.ibm.com/support/docview.wss?uid=swg21504279

www.ibm.com/support/docview.wss?uid=swg24030333

www.securityfocus.com/bid/48516

7.2 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2011-3123

cvelist1 prion1