CVE-2015-1992

IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, 6.3.2.x, 6.3.3.x, 6.3.5.0, and 6.3.6.0 improperly processes events, which allows local users to gain privileges via unspecified vectors.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=nas7d9a0db411a9071e986257e8c0029b365	Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08185	Broken Link
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098524	Vendor Advisory
http://www.securitytracker.com/id/1033653	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:systems_director:5.20:::::::*
	cpe:2.3:a:ibm:systems_director:6.3.0.0:::::::*
	cpe:2.3:a:ibm:systems_director:6.3.1.0:::::::*
	cpe:2.3:a:ibm:systems_director:6.3.1.1:::::::*
	cpe:2.3:a:ibm:systems_director:6.3.2.0:::::::*
	cpe:2.3:a:ibm:systems_director:6.3.2.1:::::::*
	cpe:2.3:a:ibm:systems_director:6.3.2.2:::::::*
	cpe:2.3:a:ibm:systems_director:6.3.3.0:::::::*
	cpe:2.3:a:ibm:systems_director:6.3.3.1:::::::*
	cpe:2.3:a:ibm:systems_director:6.3.5.0:::::::*
	cpe:2.3:a:ibm:systems_director:6.3.6.0:::::::*

History

No history.

Information

Published : 2015-08-23 14:59

Updated : 2024-02-28 15:21

NVD link : CVE-2015-1992

Mitre link : CVE-2015-1992

CVE.ORG link : CVE-2015-1992

JSON object : View

Products Affected

ibm

systems_director

CWE

NVD-CWE-noinfo

{"id": "CVE-2015-1992", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-08-23T14:59:00.100", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=nas7d9a0db411a9071e986257e8c0029b365", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT08185", "tags": ["Broken Link"], "source": "psirt@us.ibm.com"}, {"url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098524", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "http://www.securitytracker.com/id/1033653", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, 6.3.2.x, 6.3.3.x, 6.3.5.0, and 6.3.6.0 improperly processes events, which allows local users to gain privileges via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad en IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, 6.3.2.x, 6.3.3.x, 6.3.5.0 y 6.3.6.0 procesa inadecuadamente eventos, lo que permite a usuarios locales obtener privilegios a trav\u00e9s de vectores no especificados."}], "lastModified": "2016-12-08T18:56:50.993", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:systems_director:5.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAD28AEA-B7DA-4879-99BC-A6DF7E5F3547"}, {"criteria": "cpe:2.3:a:ibm:systems_director:6.3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7C028E9-5992-43C0-AF73-BB3A9BCD2849"}, {"criteria": "cpe:2.3:a:ibm:systems_director:6.3.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D639AD14-D731-48A4-80F0-E7ED04CD49A5"}, {"criteria": "cpe:2.3:a:ibm:systems_director:6.3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE04E203-737E-48D6-8D1F-CF6E2E9D4802"}, {"criteria": "cpe:2.3:a:ibm:systems_director:6.3.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E74C31F-B9D6-4A6A-9138-9A91D9C23886"}, {"criteria": "cpe:2.3:a:ibm:systems_director:6.3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BEC1AE7-2B3E-4D6B-AA4C-5D59631AB2AD"}, {"criteria": "cpe:2.3:a:ibm:systems_director:6.3.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AFB98D4-D377-4A0E-B07B-7551127283CD"}, {"criteria": "cpe:2.3:a:ibm:systems_director:6.3.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81A2825F-BA4E-4273-A456-78F76A8A6894"}, {"criteria": "cpe:2.3:a:ibm:systems_director:6.3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F46E54C-F7A6-4944-AE98-015A5EED3BFE"}, {"criteria": "cpe:2.3:a:ibm:systems_director:6.3.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A84BFC5C-C1D8-4387-9EEB-9412D83343C5"}, {"criteria": "cpe:2.3:a:ibm:systems_director:6.3.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C43F8D39-ECA3-4E70-A6CE-B8CBAA9E5061"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}