IBM1FABAB19FA723D66FA5DB0A3DA1592B8BAEFAA928BFB00109A8F9A028AF0DD56Security Bulletin: IBM InfoSphere Information Server is vulnerable to a privilege escalation
0.0004 Low
EPSS
Percentile
5.1%
Summary
IBM InfoSphere Information Server could allow a local user to gain elevated privileges by placing arbitrary files in installation directories.
Vulnerability Details
CVEID: CVE-2017-1468 DESCRIPTION: IBM InfoSphere Information Server could allow a local user to gain elevated privileges by placing arbitrary files in installation directories.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/128467 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Affected Products and Versions
The following products, running on all supported platforms, are affected:
IBM InfoSphere Information Server: versions 9.1, 11.3, 11.5 and 11.7
IBM InfoSphere Information Server on Cloud: version 11.5
Remediation/Fixes
None
Workarounds and Mitigations
Mitigation Step:
IBM recommends using checksums to verify currently installed applications.
Help can be found here:
Related
0.0004 Low
EPSS
Percentile
5.1%