| Vulnerability Name: | CVE-2013-5467 (CCN-88370) | ||||||||
| Assigned: | 2013-08-22 | ||||||||
| Published: | 2014-08-26 | ||||||||
| Updated: | 2017-08-29 | ||||||||
| Summary: | Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Monitoring Server (ms) and Shared Libraries (ax) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP08, 6.2.3 through FP01, and 6.3.0 through FP01 in IBM Tivoli Monitoring (ITM) on UNIX allow local users to gain privileges via unspecified vectors. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C) 5.6 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
5.4 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-264 | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2013-5467 Source: CCN Type: IBM Security Bulletin 1675798 Vulnerabilities in IBM Tivoli Monitoring agent and shared library with potential for privilege escalation (CVE-2013-5467) Source: CONFIRM Type: Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21675798 Source: BID Type: UNKNOWN 69436 Source: CCN Type: BID-69436 IBM Tivoli Monitoring Agent CVE-2013-5467 Unspecified Local Privilege Escalation Vulnerability Source: XF Type: UNKNOWN ibm-tivoli-cve20135467-priv-escalation(88370) Source: XF Type: UNKNOWN ibm-itm-cve20135467-priv-esc(88370) Source: CCN Type: Packet Storm Security [10-30-2014] IBM Tivoli Monitoring 6.2.2 kbbacf1 Privilege Escalation Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [10-29-2014] | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||