Local Privilege Escalation in IBM Tivoli Monitoring Portal V6
CVE-2017-1181
7HIGH
Summary
The IBM Tivoli Monitoring Portal V6 client has a vulnerability that may allow a local attacker to gain elevated privileges due to the default console connection not being encrypted. This weakness can result in unauthorized actions within the IBM Tivoli Monitoring environment, posing a significant security risk for organizations. Proper measures should be taken to secure communications and mitigate potential exploitation of this vulnerability.
Affected Version(s)
Tivoli Monitoring V6 6.2.3.5
Tivoli Monitoring V6 6.2.2.9
Tivoli Monitoring V6 6.3.0.7
References
CVSS V3.1
Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved