Lucene search

PRIOn knowledge basePRION:CVE-2017-1190

HistoryAug 14, 2017 - 10:29 p.m.

Code injection

2017-08-1422:29:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 could allow a local user with special access roles to execute arbitrary code on the system. By manipulating a configurable property, an attacker could exploit this vulnerability to gain full control over the system. IBM X-Force ID: 123559.

CPENameOperatorVersion
emptoris_strategic_supply_managementeq10.0.0.2
emptoris_strategic_supply_managementeq10.0.2.5
emptoris_strategic_supply_managementeq10.1.0.1
emptoris_strategic_supply_managementeq10.0.0.3
emptoris_strategic_supply_managementeq10.1.1.6
emptoris_strategic_supply_managementeq10.1.0.9
emptoris_strategic_supply_managementeq10.0.2.10
emptoris_strategic_supply_managementeq10.1.0.8
emptoris_strategic_supply_managementeq10.0.1.1
emptoris_strategic_supply_managementeq10.1.1.5

Name	Operator	Version
emptoris_strategic_supply_management	eq	10.0.0.2
emptoris_strategic_supply_management	eq	10.0.2.5
emptoris_strategic_supply_management	eq	10.1.0.1
emptoris_strategic_supply_management	eq	10.0.0.3
emptoris_strategic_supply_management	eq	10.1.1.6
emptoris_strategic_supply_management	eq	10.1.0.9
emptoris_strategic_supply_management	eq	10.0.2.10
emptoris_strategic_supply_management	eq	10.1.0.8
emptoris_strategic_supply_management	eq	10.0.1.1
emptoris_strategic_supply_management	eq	10.1.1.5

Rows per page:

1-10 of 461

References

www.ibm.com/support/docview.wss?uid=swg22006799

exchange.xforce.ibmcloud.com/vulnerabilities/123559

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for PRION:CVE-2017-1190