Local Privilege Escalation in IBM Sterling Connect:Direct on Windows
CVE-2016-5991

4.5MEDIUM

Key Information:

Vendor

IBM
Status
Sterling Connect\
Vendor
CVE Published:
25 November 2016

What is CVE-2016-5991?

IBM Sterling Connect:Direct versions 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows contain a vulnerability that allows local users to escalate their privileges. This can occur through various unspecified methods, potentially leading to unauthorized access and actions performed at a higher privilege level than intended.

References

http://www.securityfocus.com/bid/94515
vdb-entryx_refsource_BID
http://www-01.ibm.com/support/docview.wss?uid=swg21989807
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg1IT16911
vendor-advisoryx_refsource_AIXAPAR

CVSS V3.1

Score:
4.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.