Arbitrary Code Execution Vulnerability in IBM Tivoli Monitoring
CVE-2020-4311

7.4HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
23 April 2020

Summary

A vulnerability in IBM Tivoli Monitoring 6.3.0 may allow a local attacker to execute arbitrary code by placing a specially crafted file in the system. This could enable the attacker to load malicious DLL files from the same directory, thereby executing unauthorized code and potentially compromising the system's integrity.

Affected Version(s)

Tivoli Monitoring 6.3.0

References

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.