Local Privilege Escalation in IBM Tivoli Monitoring Portal V6
CVE-2017-1181

7HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
17 July 2017

Summary

The IBM Tivoli Monitoring Portal V6 client has a vulnerability that may allow a local attacker to gain elevated privileges due to the default console connection not being encrypted. This weakness can result in unauthorized actions within the IBM Tivoli Monitoring environment, posing a significant security risk for organizations. Proper measures should be taken to secure communications and mitigate potential exploitation of this vulnerability.

Affected Version(s)

Tivoli Monitoring V6 6.2.3.5

Tivoli Monitoring V6 6.2.2.9

Tivoli Monitoring V6 6.3.0.7

References

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.