Lucene search

MitreCVE-2010-4274

HistoryNov 17, 2010 - 1:00 a.m.

CVE-2010-4274

2010-11-1701:00:06

CWE-264

mitre

web.nvd.nist.gov

ibm

systems director

6.2.0

common agent

cve-2010-4274

nvd

permissions

local users

system group membership

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

Percentile

5.1%

JSON

reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership.

Affected configurations

Nvd

Node

ibmdirector_agentMatch6.2.0

VendorProductVersionCPE
ibmdirector_agent6.2.0cpe:2.3:a:ibm:director_agent:6.2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	director_agent	6.2.0	cpe:2.3:a:ibm:director_agent:6.2.0:::::::*

References

secunia.com/advisories/42239

securitytracker.com/id?1024736

www-01.ibm.com/support/docview.wss?uid=isg1IC71821

www.securityfocus.com/bid/44839

www.vupen.com/english/advisories/2010/2978

exchange.xforce.ibmcloud.com/vulnerabilities/63238

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2010-4274