Privilege Escalation Vulnerability in IBM Campaign
CVE-2018-1941

8.4HIGH

Key Information:

Vendor
IBM
Status
Vendor
CVE Published:
5 December 2018

Summary

A vulnerability in IBM Campaign versions 9.1.0 and 9.1.2 allows a local user to gain unauthorized admin privileges. This issue arises from the application failing to properly validate user access permissions, potentially compromising sensitive data and application integrity. Users are encouraged to review the patch and security guidelines provided by IBM to mitigate this risk.

Affected Version(s)

Campaign 9.1.2

Campaign 9.1.0

References

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.