CVE-2017-1539

Sažetak

IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to privilege escalation by not properly distinguishing internal group memberships from user registry group memberships. By manipulating LDAP group membership an attack might gain privileged access. IBM X-Force ID: 130807.

Reference

http://www.ibm.com/support/docview.wss?uid=swg22007451
http://www.securityfocus.com/bid/100967
https://exchange.xforce.ibmcloud.com/vulnerabilities/130807

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

03-10-2019 - 00:03

Objavljeno

26-09-2017 - 17:29