CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
62.1%
Multiple buffer overflows in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 and 4.0.1 before FP1 allow context-dependent attackers to execute arbitrary code or cause a denial of service via a long line in (1) hrfstable.idx, (2) hrdevice.idx, (3) hrstorage.idx, or (4) lotusmapfile in the SSM Config directory, or (5) .manifest.hive in the main agent directory.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | tivoli_netcool_application_service_monitors | 4.0.0 | cpe:2.3:a:ibm:tivoli_netcool_application_service_monitors:4.0.0:*:*:*:*:*:*:* |
ibm | tivoli_netcool_application_service_monitors | 4.0.1 | cpe:2.3:a:ibm:tivoli_netcool_application_service_monitors:4.0.1:*:*:*:*:*:*:* |
ibm | tivoli_netcool_system_service_monitors | 4.0.0 | cpe:2.3:a:ibm:tivoli_netcool_system_service_monitors:4.0.0:*:*:*:*:*:*:* |
ibm | tivoli_netcool_system_service_monitors | 4.0.1 | cpe:2.3:a:ibm:tivoli_netcool_system_service_monitors:4.0.1:*:*:*:*:*:*:* |