CVE-2019-11771

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Eclipse OpenJ9 versions prior to 0.15.0

Description The issue concerns AIX builds of Eclipse OpenJ9, where unused RPATHs may facilitate code injection and privilege elevation by local users. This could allow a local attacker to gain elevated privileges on the system by injecting code.

Recommendations For versions prior to 0.15.0, update to version 0.15.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2019-11771

SUSE-SU-2019:14160-1

SUSE-SU-2019:14188-1

SUSE-SU-2019:2291-1

SUSE-SU-2019:2336-1

SUSE-SU-2019:2371-1

SUSE-SU-2019_14160-1

SUSE-SU-2019_2336-1

Affected Products

Eclipse Openj9

Ibm Aix

Suse

CVE-2019-11771

Weakness Enumeration

Related Identifiers

Affected Products

References · 56