Vulnerability Name: | CVE-2015-0179 (CCN-100945) | ||||||||
Assigned: | 2014-11-18 | ||||||||
Published: | 2015-01-14 | ||||||||
Updated: | 2019-10-16 | ||||||||
Summary: | Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows local users to obtain the System privilege via unspecified vectors, aka SPR TCHL9SST8V. | ||||||||
CVSS v3 Severity: | 8.2 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C) 5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-264 | ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: MITRE Type: CNA CVE-2015-0179 Source: CCN Type: IBM Security Bulletin 1700029 IBM Domino LDAP Server (CVE-2015-0117), SSLv2 (CVE-2015-0134) & Notes System Diagnostics (CVE-2015-0179) vulnerabilities Source: CONFIRM Type: Patch, Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21700029 Source: SECTRACK Type: Third Party Advisory, VDB Entry 1032027 Source: XF Type: UNKNOWN ibm-domino-cve20150179-priv-escalation(100945) Source: CCN Type: Packet Storm Security [09-02-2017] Lotus Notes Diagnostic Tool 8.5 / 9.0 Privilege Escalation Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [09-02-2017] Source: EXPLOIT-DB Type: UNKNOWN 42605 | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |