Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM2DB9672176BAA20D2A713CEBE7C5DBF396C5FDC76CD24B8637F4743253DDB3C9
HistoryAug 04, 2021 - 7:32 a.m.

Security Bulletin: IBM Security Privileged Identity Manager vulnerable to local command execution vulnerability (CVE-2020-15862)

2021-08-0407:32:01
www.ibm.com
12

0.0004 Low

EPSS

Percentile

14.3%

JSON

Summary

IBM Security Privileged Identity Manager has addressed the following vulnerability in net-SNMP component used.

Vulnerability Details

CVEID:CVE-2020-15862
**DESCRIPTION:**Net-SNMP could allow a local authenticated attacker to gain elevated privileges on the system, caused by an improper privilege management flaw related to SNMP WRITE access to the EXTEND MIB. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary commands on the system with root privileges.
CVSS Base score: 6.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/187034 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
ISPIM 2.0.2
ISPIM 2.1.0

Remediation/Fixes

Product VRMF Remediation
IBM Security Privileged Identity Manager 2.1.0 - 2.1.0.14 2.1.0-ISS-ISPIM-VA-IF0014
IBM Security Privileged Identity Manager 2.0.2 - 2.0.2.14 2.0.2-ISS-ISPIM-VA-IF0014

Workarounds and Mitigations

None

Related

nessus 54
amazon 2
redhat 11
oraclelinux 3
cve 1
nvd 1
debiancve 1
openvas 22
cvelist 1
almalinux 1
centos 1
osv 3
redhatcve 1
ubuntucve 1
prion 1
veracode 1
f5 1
ibm 3
debian 3
ubuntu 2
photon 6
gentoo 1
rosalinux 1
suse 1
nessus
nessus
RHEL 7 : net-snmp (RHSA-2021:0257)
2021-02-01 00:00:00
RHEL 7 : net-snmp (RHSA-2021:0525)
2021-02-16 00:00:00
Oracle Linux 8 : net-snmp (ELSA-2020-5480)
2020-12-16 00:00:00
amazon
amazon
Important: net-snmp
2021-01-05 23:34:00
Important: net-snmp
2021-01-12 22:51:00
redhat
redhat
(RHSA-2020:5201) Important: net-snmp security and bug fix update
2020-11-24 09:49:57
(RHSA-2020:5420) Important: net-snmp security and bug fix update
2020-12-15 08:08:18
(RHSA-2020:5372) Important: net-snmp security update
2020-12-08 10:02:02
oraclelinux
oraclelinux
net-snmp security update
2020-12-07 00:00:00
net-snmp security and bug fix update
2020-12-17 00:00:00
net-snmp security update
2020-11-18 00:00:00
cve
cve
CVE-2020-15862
2020-08-20 01:17:13
nvd
nvd
CVE-2020-15862
2020-08-20 01:17:13
debiancve
debiancve
CVE-2020-15862
2020-08-20 01:17:13
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:0030-1)
2022-01-06 00:00:00
Debian: Security Advisory (DLA-2299-1)
2020-07-31 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:4191-1)
2021-12-28 00:00:00
cvelist
cvelist
CVE-2020-15862
2020-08-19 00:00:00
almalinux
almalinux
Important: net-snmp security and bug fix update
2020-12-15 15:56:47
centos
centos
net security update
2021-01-25 14:08:35
osv
osv
net-snmp - security update
2020-07-30 00:00:00
CVE-2020-15862
2020-08-20 01:17:13
net-snmp - security update
2020-08-15 00:00:00
redhatcve
redhatcve
CVE-2020-15862
2020-08-27 08:37:55
ubuntucve
ubuntucve
CVE-2020-15862
2020-08-06 00:00:00
prion
prion
Input validation
2020-08-20 01:17:00
veracode
veracode
Arbtirary Command Execution
2020-11-21 12:51:33
f5
f5
K44318398 : Net-SNMP vulnerability CVE-2020-15862
2021-04-23 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities have been identified in IBM Tivoli Netcool/OMNIbus Gateway for SNMP (CVE-2020-15861, CVE-2020-15862)
2020-11-03 02:07:52
Security Bulletin: Multiple vulnerabilities in Net-SNMP affects Netcool/OMNIbus SNMP Probe (CVE-2020-15861, CVE-2020-15862)
2020-11-03 02:05:40
Security Bulletin: Vulnerabilities in Net-SNMP library affect IBM Spectrum Control (CVE-2020-15861, CVE-2020-15862)
2020-11-05 09:51:32
debian
debian
[SECURITY] [DLA 2313-1] net-snmp security update
2020-08-04 15:30:18
[SECURITY] [DSA 4746-1] net-snmp security update
2020-08-15 11:56:43
[SECURITY] [DSA 4746-1] net-snmp security update
2020-08-15 11:56:43
ubuntu
ubuntu
Net-SNMP vulnerabilities
2020-08-24 00:00:00
Net-SNMP regression
2020-09-01 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0318
2020-08-30 00:00:00
Important Photon OS Security Update - PHSA-2020-0138
2020-09-09 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0138
2020-09-09 00:00:00
gentoo
gentoo
Net-SNMP: Multiple vulnerabilities
2020-08-26 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1929
2021-07-02 17:32:57
suse
suse
Security update for opera (important)
2022-02-25 00:00:00

0.0004 Low

EPSS

Percentile

14.3%

JSON
Related for 2DB9672176BAA20D2A713CEBE7C5DBF396C5FDC76CD24B8637F4743253DDB3C9
nessus54amazon2redhat11oraclelinux3cve1nvd1debiancve1openvas22cvelist1almalinux1centos1osv3redhatcve1ubuntucve1prion1veracode1f51ibm3debian3ubuntu2photon6gentoo1rosalinux1suse1