CVE-2015-1900

Published Jun 29, 2015

Last updated 9 years ago

CVSS info 7.2

Overview

Description: IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 on UNIX allows local users to write to executable files, and consequently obtain root privileges, via unspecified vectors.
Source: psirt@us.ibm.com
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:infosphere_datastage:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "965287C1-1C98-42E6-94C3-3DB67CC50E48"
          },
          {
            "criteria": "cpe:2.3:a:ibm:infosphere_datastage:8.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1E57DBA-34A3-4CA8-AA8D-6055DC756779"
          },
          {
            "criteria": "cpe:2.3:a:ibm:infosphere_datastage:8.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CB1760D-FED4-4430-9CFB-83608956E424"
          },
          {
            "criteria": "cpe:2.3:a:ibm:infosphere_datastage:9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EADE407-3A84-49ED-B818-63B42EE47EBA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:infosphere_datastage:11.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEE407E4-910C-4AF1-B87B-F9B01759DDFC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:infosphere_datastage:11.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD554818-742B-4033-B9FB-DD6E9BF76A8E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:infosphere_datastage:11.3.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18580D4F-73AA-4D5E-998D-92A0012B810D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References