CVE-2017-1469Code Injection in IBM Infosphere Information Server

CWE-94Code Injection3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 72.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Infosphere Information Server
Timeline
PublishedAug 14
Latest updateMay 17

Description

IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-Force ID: 128468.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5ibm/infosphere_information_server11.3, 11.5, 9.1+2
NVDibm/infosphere_information_server11.3, 11.5, 9.1+2

🔴Vulnerability Details

2
GHSA
GHSA-6mpg-fqxp-qcp9: IBM InfoSphere Information Server 92022-05-17
CVEList
CVE-2017-1469: IBM InfoSphere Information Server 92017-08-14
CVE-2017-1469 — Code Injection in IBM | cvebase