CVE-2015-1992 : IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, 6.3.2.x,

IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, 6.3.2.x, 6.3.3.x, 6.3.5.0, and 6.3.6.0 improperly processes events, which allows local users to gain privileges via unspecified vectors.

Published 2015-08-23 14:59:00

Updated 2025-04-12 10:46:41

Source IBM Corporation

View at NVD, CVE.org

Products affected by CVE-2015-1992

IBM » Systems Director » Version: 6.3.2.1
cpe:2.3:a:ibm:systems_director:6.3.2.1:*:*:*:*:*:*:*
Matching versions
IBM » Systems Director » Version: 6.3.2.2
cpe:2.3:a:ibm:systems_director:6.3.2.2:*:*:*:*:*:*:*
Matching versions
IBM » Systems Director » Version: 6.3.0.0
cpe:2.3:a:ibm:systems_director:6.3.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Systems Director » Version: 6.3.1.0
cpe:2.3:a:ibm:systems_director:6.3.1.0:*:*:*:*:*:*:*
Matching versions
IBM » Systems Director » Version: 6.3.5.0
cpe:2.3:a:ibm:systems_director:6.3.5.0:*:*:*:*:*:*:*
Matching versions
IBM » Systems Director » Version: 6.3.1.1
cpe:2.3:a:ibm:systems_director:6.3.1.1:*:*:*:*:*:*:*
Matching versions
IBM » Systems Director » Version: 6.3.2.0
cpe:2.3:a:ibm:systems_director:6.3.2.0:*:*:*:*:*:*:*
Matching versions
IBM » Systems Director » Version: 6.3.3.0
cpe:2.3:a:ibm:systems_director:6.3.3.0:*:*:*:*:*:*:*
Matching versions
IBM » Systems Director » Version: 6.3.3.1
cpe:2.3:a:ibm:systems_director:6.3.3.1:*:*:*:*:*:*:*
Matching versions
IBM » Systems Director » Version: 6.3.6.0
cpe:2.3:a:ibm:systems_director:6.3.6.0:*:*:*:*:*:*:*
Matching versions
IBM » Systems Director » Version: 5.20
cpe:2.3:a:ibm:systems_director:5.20:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-1992

EPSS FAQ

0.16%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 33 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-1992

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2015-1992

http://www-01.ibm.com/support/docview.wss?uid=nas7d9a0db411a9071e986257e8c0029b365

IBM Patching Instructions for IBM Systems Director - CVE-2015-1992
Vendor Advisory
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098524

IBM Security Bulletin: An unspecified vulnerability in event processing could allow elevated privileges in IBM Systems Director (CVE-2015-1992)
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08185

IBM notice: The page you requested cannot be displayed
Broken Link
http://www.securitytracker.com/id/1033653

IBM Systems Director Unspecified Event Processing Flaw Lets Local Users Gain Elevated Privileges - SecurityTracker
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2015-1992

Products affected by CVE-2015-1992

Exploit prediction scoring system (EPSS) score for CVE-2015-1992

CVSS scores for CVE-2015-1992

References for CVE-2015-1992