CVE-2018-1410

3 documents3 sources

Severity

7.8HIGH

EPSS

0.0%

top 87.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Client Application Access IBM Notes

Timeline

PublishedFeb 19

Latest updateMay 13

Description

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138709.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5ibm/client_application_access1.0.0.1, 1.0.1, 1.0.1.2+2

▶NVDibm/client_application_access1.0.0.1, 1.0.1, 1.0.1.2+2

▶CVEListV5ibm/notes5 versions+4

▶NVDibm/notes5 versions+4

🔴Vulnerability Details

GHSA

GHSA-2343-rx97-48x3: IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system↗2022-05-13

▶

CVEList

CVE-2018-1410: IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system↗2018-02-19

▶