Vulnerability Details : CVE-2015-1900
IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 on UNIX allows local users to write to executable files, and consequently obtain root privileges, via unspecified vectors.
Products affected by CVE-2015-1900
- cpe:2.3:a:ibm:infosphere_datastage:8.5:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:ibm:infosphere_datastage:11.3:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:ibm:infosphere_datastage:11.3.1.2:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:ibm:infosphere_datastage:8.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:ibm:infosphere_datastage:8.7:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:ibm:infosphere_datastage:9.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:ibm:infosphere_datastage:11.3.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
Exploit prediction scoring system (EPSS) score for CVE-2015-1900
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 14 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-1900
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2015-1900
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-1900
-
http://www-01.ibm.com/support/docview.wss?uid=swg21902280
IBM Security Bulletin: IBM InfoSphere Information Server is vulnerable to root privilege escalation (CVE-2015-1900)Patch;Vendor Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg1JR52770
IBM JR52770: IBM INFOSPHERE DATASTAGE IS VULNERABLE TO ROOT PRIVILEGE ESCALATIONVendor Advisory
-
http://www.securityfocus.com/bid/75481
IBM InfoSphere DataStage CVE-2015-1900 Local Arbitrary Code Execution VulnerabilityThird Party Advisory;VDB Entry
Jump to