IBM InfoSphere Information Server could allow a local user to gain elevated privileges by placing arbitrary files in installation directories.
CVEID: CVE-2017-1468 DESCRIPTION: IBM InfoSphere Information Server could allow a local user to gain elevated privileges by placing arbitrary files in installation directories.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/128467 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
The following products, running on all supported platforms, are affected:
IBM InfoSphere Information Server: versions 9.1, 11.3, 11.5 and 11.7
IBM InfoSphere Information Server on Cloud: version 11.5
None
Mitigation Step:
IBM recommends using checksums to verify currently installed applications.
Help can be found here: