Local Privilege Escalation in IBM Sterling Connect:Direct on Windows
CVE-2016-5991

4.5MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
25 November 2016

Summary

IBM Sterling Connect:Direct versions 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows contain a vulnerability that allows local users to escalate their privileges. This can occur through various unspecified methods, potentially leading to unauthorized access and actions performed at a higher privilege level than intended.

References

CVSS V3.1

Score:
4.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.