PT-2015-1380 · Ibm · Ibm Infosphere Information Server

Published

2015-05-25

Updated

2015-05-26

CVE-2015-0180

CVSS v2.0

5.5

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Information Server versions 8.1 through 11.3

Description The issue is related to insufficient access control in the Connector Migration Tool component, allowing remote authenticated users to bypass intended restrictions. This can lead to unauthorized job creation and modification.

Recommendations For IBM InfoSphere Information Server versions 8.1 through 11.3, consider restricting access to the Connector Migration Tool until a fix is available to prevent unauthorized job creation and modification. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

BDU:2015-10473

CVE-2015-0180

Affected Products

Ibm Infosphere Information Server

PT-2015-1380 · Ibm · Ibm Infosphere Information Server

CVE-2015-0180

Weakness Enumeration

Related Identifiers

Affected Products

References · 4