Insufficient Privilege Management in IBM InfoSphere Streams
CVE-2016-2867

7HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
2 July 2016

Summary

IBM InfoSphere Streams versions prior to 4.0.1.2 and 4.1.1.1 exhibit a vulnerability in the implementation of the runAsUser feature. This flaw allows local users to exploit unspecified vectors, thereby gaining unauthorized root group privileges. Organizations using affected versions should prioritize updates to ensure system security and mitigate potential exploitation risks. For more details, refer to the official IBM documentation.

References

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.