CVE-2017-1181

Опубликовано: 17 июл. 2017

Источник: nvd

CVSS3: 7

CVSS2: 1.9

EPSS Низкий

Описание

IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22003402
Vendor Advisory
http://www.securityfocus.com/bid/99596
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038913
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/123487
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22003402
Vendor Advisory
http://www.securityfocus.com/bid/99596
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038913
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/123487
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*

EPSS

Процентиль: 9%

0.00032

Низкий

7 High

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-319

Связанные уязвимости

GHSA-9jg8-998r-3fxr