CVE-2018-1771

Published Dec 20, 2018

Last updated 5 years ago

CVSS high 7.8

Overview

Description: IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe. IBM X-force ID: 148687.
Source: psirt@us.ibm.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:domino:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2ABCCAF-0BAF-43D0-9CC9-07208DAF824F",
            "versionEndIncluding": "9.0.1.10",
            "versionStartIncluding": "9.0.1.0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:domino:9.0.0.0:if1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95B0C353-47E1-422D-B91B-4B764D248292"
          },
          {
            "criteria": "cpe:2.3:a:ibm:domino:9.0.0.0:if2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3950AE9-589C-46F7-8A3E-EB15D8E9227B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:domino:9.0.0.0:if3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "404E56E1-230C-4A8A-A688-5E06BC8E7E52"
          },
          {
            "criteria": "cpe:2.3:a:ibm:domino:9.0.0.0:if4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5701F2D9-F0D0-4294-96FA-EF953E11D41A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:domino:9.0.1.10:if1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D46F74B-B11C-4896-9643-854DA5038BC2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:domino:9.0.1.10:if2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D133CFA-9EC2-4B32-A956-6146857CD032"
          },
          {
            "criteria": "cpe:2.3:a:ibm:domino:9.0.1.10:if3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DD76DBD-5EFA-4880-B872-165548A9B0A5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:domino:9.0.1.10:if4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E61C8493-3F84-4B90-8D11-29E690960D07"
          },
          {
            "criteria": "cpe:2.3:a:ibm:notes:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "863D67C1-FC55-4E89-83AF-9BEE3B990CBE",
            "versionEndIncluding": "9.0.1.10",
            "versionStartIncluding": "9.0.1.0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:notes:9.0.0.0:if1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "853E12FE-40EB-40ED-9245-7CBD05D9BEC9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:notes:9.0.0.0:if2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBC3B7DB-578E-4C0E-9598-03D791094AC7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:notes:9.0.0.0:if3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9CF936F-00EF-4DD7-B80B-47D64866AE88"
          },
          {
            "criteria": "cpe:2.3:a:ibm:notes:9.0.0.0:if4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD2E5893-C2FA-4191-B861-39E60BB60979"
          },
          {
            "criteria": "cpe:2.3:a:ibm:notes:9.0.1.10:if1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BC3FE1F-B09F-4B65-855A-41E8BF522E6A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:notes:9.0.1.10:if2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDB9DABC-51B3-459C-924C-167AC1D572DD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:notes:9.0.1.10:if3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECC028B6-D9A6-4CB8-A074-7A36694E3356"
          },
          {
            "criteria": "cpe:2.3:a:ibm:notes:9.0.1.10:if4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C7450F2-09D0-466E-8F18-F213CCFD5081"
          },
          {
            "criteria": "cpe:2.3:a:ibm:notes:9.0.1.10:if5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D568103C-FFF1-4D2F-8C22-3D3AA39DD533"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References