PT-2015-1380 · Ibm · Ibm Infosphere Information Server

Publicado

2015-05-25

Atualizado

2015-05-26

CVE-2015-0180

CVSS v2.0

5.5

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Information Server versions 8.1 through 11.3

Description The issue is related to insufficient access control in the Connector Migration Tool component, allowing remote authenticated users to bypass intended restrictions. This can lead to unauthorized job creation and modification.

Recommendations For IBM InfoSphere Information Server versions 8.1 through 11.3, consider restricting access to the Connector Migration Tool until a fix is available to prevent unauthorized job creation and modification. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

BDU:2015-10473

CVE-2015-0180

Produtos afetados

Ibm Infosphere Information Server

PT-2015-1380 · Ibm · Ibm Infosphere Information Server

CVE-2015-0180

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4