Remote Command Execution Vulnerability in IBM Tivoli Monitoring
CVE-2015-5003
8.5HIGH
Summary
The portal in IBM Tivoli Monitoring versions 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before FP7 is vulnerable to a remote command execution issue. This enables authenticated users to exploit the Take Action view authority by submitting specially crafted input, potentially executing arbitrary commands within the system. Organizations using affected versions should apply updates or patches to mitigate this risk.
References
CVSS V3.1
Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved