CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS
Percentile
68.2%
IBM Spectrum Protect Operations Center 7.1 and 8.1could allow a remote attacker to execute arbitrary code on the system, caused by improper parameter validation. By creating an unspecified servlet request with specially crafted input parameters, an attacker could exploit this vulnerability to load a malicious .dll with elevated privileges. IBM X-Force ID: 192155.
[
{
"product": "Spectrum Protect Operations Center",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "8.1.10.100"
},
{
"status": "affected",
"version": "7.1.12"
}
]
}
]