CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
AI Score
Confidence
High
EPSS
Percentile
5.1%
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
[
{
"product": "WebSphere Application Server Patterns",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "1.0.0.7"
},
{
"status": "affected",
"version": "2.2.0.0"
},
{
"status": "affected",
"version": "2.2.5.3"
}
]
},
{
"product": "WebSphere Application Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "Liberty"
}
]
},
{
"product": "Runtimes for Java Technology",
"vendor": "IBM",
"defaultStatus": "affected"
}
]
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
AI Score
Confidence
High
EPSS
Percentile
5.1%