CVE-2020-4278

Опубликовано: 05 мар. 2020

Источник: nvd

CVSS3: 7.4

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

IBM Platform LSF 9.1 and 10.1, IBM Spectrum LSF Suite 10.2, and IBM Spectrum Suite for HPA 10.2 could allow a local user to escalate their privileges due to weak file permissions when specific debug settings are enabled in a Linux or Unix enviornment. IBM X-Force ID: 176137.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/176137
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/3357549
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/176137
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/3357549
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:platform_lsf:9.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:platform_lsf:10.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:spectrum_computing_for_high_performance_analytics:10.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:spectrum_lsf:10.2:*:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.00082

Низкий

7.4 High

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-732

Связанные уязвимости

GHSA-9fm6-ffj9-f3wc

github

больше 3 лет назад

EPSS

Процентиль: 24%

0.00082

Низкий

7.4 High

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-732