Arbitrary Command Execution in IBM Spectrum and Platform Symphony Products
CVE-2018-1595
8.8HIGH
Summary
IBM Spectrum Symphony and Platform Symphony versions 7.1.2 and 7.2.0.2 are susceptible to an arbitrary command execution vulnerability that arises from improper handling of user-supplied input. This flaw can be exploited by authenticated users to execute arbitrary commands, potentially leading to significant security risks. For further details, please refer to the IBM support documentation and the IBM X-Force ID: 143622.
Affected Version(s)
Spectrum Symphony 7.2.0.2
Spectrum Symphony 7.1.2
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved