Lucene search

[email protected]CVE-2016-2946

HistoryDec 01, 2016 - 11:59 a.m.

CVE-2016-2946

2016-12-0111:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2016-2946

buffer overflow

ibm tivoli monitoring

itm 6.2.2

itm 6.2.3

itm 6.3.0

privilege escalation

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors.

Affected configurations

NVD

Node

ibmtivoli_monitoringMatch6.2.2

ibmtivoli_monitoringMatch6.2.2.1

ibmtivoli_monitoringMatch6.2.2.2

ibmtivoli_monitoringMatch6.2.2.3

ibmtivoli_monitoringMatch6.2.2.4

ibmtivoli_monitoringMatch6.2.2.5

ibmtivoli_monitoringMatch6.2.2.6

ibmtivoli_monitoringMatch6.2.2.7

ibmtivoli_monitoringMatch6.2.2.8

ibmtivoli_monitoringMatch6.2.2.9

ibmtivoli_monitoringMatch6.2.3

ibmtivoli_monitoringMatch6.3.0

AND

linuxlinux_kernelMatch-

CPENameOperatorVersion
ibm:tivoli_monitoringibm tivoli monitoringeq6.2.2
ibm:tivoli_monitoringibm tivoli monitoringeq6.2.2.1
ibm:tivoli_monitoringibm tivoli monitoringeq6.2.2.2
ibm:tivoli_monitoringibm tivoli monitoringeq6.2.2.3
ibm:tivoli_monitoringibm tivoli monitoringeq6.2.2.4
ibm:tivoli_monitoringibm tivoli monitoringeq6.2.2.5
ibm:tivoli_monitoringibm tivoli monitoringeq6.2.2.6
ibm:tivoli_monitoringibm tivoli monitoringeq6.2.2.7
ibm:tivoli_monitoringibm tivoli monitoringeq6.2.2.8
ibm:tivoli_monitoringibm tivoli monitoringeq6.2.2.9

CPE	Name	Operator	Version
ibm:tivoli_monitoring	ibm tivoli monitoring	eq	6.2.2
ibm:tivoli_monitoring	ibm tivoli monitoring	eq	6.2.2.1
ibm:tivoli_monitoring	ibm tivoli monitoring	eq	6.2.2.2
ibm:tivoli_monitoring	ibm tivoli monitoring	eq	6.2.2.3
ibm:tivoli_monitoring	ibm tivoli monitoring	eq	6.2.2.4
ibm:tivoli_monitoring	ibm tivoli monitoring	eq	6.2.2.5
ibm:tivoli_monitoring	ibm tivoli monitoring	eq	6.2.2.6
ibm:tivoli_monitoring	ibm tivoli monitoring	eq	6.2.2.7
ibm:tivoli_monitoring	ibm tivoli monitoring	eq	6.2.2.8
ibm:tivoli_monitoring	ibm tivoli monitoring	eq	6.2.2.9

Rows per page:

1-10 of 121

References

www-01.ibm.com/support/docview.wss?uid=swg1IV85845

www-01.ibm.com/support/docview.wss?uid=swg21984578

www.securityfocus.com/bid/92389

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2016-2946

ibm1 prion1 cvelist1 nvd1