Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-0179

CWE-2644 documents4 sources
Severity
7.2HIGH
EPSS
0.7%
top 28.18%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM Domino
Timeline
PublishedApr 6
Latest updateMay 13

Description

Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows local users to obtain the System privilege via unspecified vectors, aka SPR TCHL9SST8V.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDibm/domino5 versions+4

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-fwhh-r6jr-f959: Notes System Diagnostic (NSD) in IBM Domino 82022-05-13
CVEList
CVE-2015-0179: Notes System Diagnostic (NSD) in IBM Domino 82015-04-06

💥Exploits & PoCs

1
Exploit-DB
Lotus Notes Diagnostic Tool 8.5/9.0 - Local Privilege Escalation2017-09-02
CVE-2015-0179 (HIGH CVSS 7.2) | Notes System Diagnostic (NSD) in IB | cvebase.io