CVE-2018-1411

3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 91.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Client Application AccessIBM Notes
Timeline
PublishedFeb 19
Latest updateMay 13

Description

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138710.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

CVEListV5ibm/client_application_access1.0.0.1, 1.0.1, 1.0.1.2+2
NVDibm/client_application_access1.0.0.1, 1.0.1, 1.0.1.2+2
CVEListV5ibm/notes5 versions+4
NVDibm/notes5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-jm7r-r858-j5r6: IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system2022-05-13
CVEList
CVE-2018-1411: IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system2018-02-19
CVE-2018-1411 (HIGH CVSS 7.8) | IBM Notes Diagnostics (IBM Client A | cvebase.io