Local Command Execution Vulnerability in IBM Notes Products
CVE-2018-1410
7.8HIGH
Summary
The vulnerability in IBM Notes Diagnostics allows local users to leverage shared memory IPC to execute arbitrary commands on the system. An attacker can craft specific command lines that manipulate system execution through this vulnerability, posing significant security risks. While the affected products include IBM Client Application Access and IBM Notes, it is crucial for users to implement security measures and monitor their systems for signs of exploitation. For further details, IBM provides documentation to aid in the protection against these risks.
Affected Version(s)
Client Application Access 1.0.0.1
Client Application Access 1.0.1
Client Application Access 1.0.1.2
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved