5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
IBM has released the following Interim Fix 2.0.3.3-IBM-SIQ4L-IF001 for IBM StoredIQ for Legal in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754.
CVEID: CVE-2017-5753
CVEID: CVE-2017-5715
CVEID: CVE-2017-5754
Affected Product Name
|
Affected Versions
—|—
IBM StoredIQ for Legal | 2.0.0.0 - 2.0.3.3
Product
| VRMF| APAR| Remediation/First Fix
—|—|—|—
IBM StoredIQ for Legal| 2.0.0.0 - 2.0.3.3| n/a| Upgrade to Fix Pack 2.0.3.3 and apply Interim Fix 2.0.3.3-IBM-SIQ4L-IF001, both are available from Fix Central.
None
CPE | Name | Operator | Version |
---|---|---|---|
storediq for legal | eq | 2.0 |
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N