Описание
Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 263580.
Ссылки
- Broken LinkVDB EntryVendor Advisory
- PatchVendor Advisory
- Broken LinkVDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:ibm:i:7.2:*:*:*:*:*:*:*
cpe:2.3:o:ibm:i:7.3:*:*:*:*:*:*:*
cpe:2.3:o:ibm:i:7.4:*:*:*:*:*:*:*
cpe:2.3:o:ibm:i:7.5:*:*:*:*:*:*:*
EPSS
Процентиль: 5%
0.0002
Низкий
7.4 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-269
CWE-269
Связанные уязвимости
CVSS3: 7.4
github
больше 2 лет назад
Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 263580.
EPSS
Процентиль: 5%
0.0002
Низкий
7.4 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-269
CWE-269