IBM5E917093EBB956C97A256D23DD135F5BA28012256A0B86CDE36757BCEDB0BDA8Security Bulletin: IBM Security Access Manager Appliance is affected by a kernel vulnerability (CVE-2017-7558)
EPSS
Percentile
81.5%
Summary
IBM Security Access Manager Appliance has addressed the following vulnerability.
Vulnerability Details
CVEID:CVE-2017-7558
DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by flaws in the inet_diag_msg_sctpaddrs_fill, inet_diag_msg_sctpladdrs_fill and sctp_get_sctp_info functions. An attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/130875> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
Affected IBM Security Access Manager Appliance
|
Affected Versions
—|—
IBM Security Access Manager | 9.0.3.0 - 9.0.4.0
Remediation/Fixes
| Product | VRMF | APAR | Remediation |
|---|---|---|---|
| IBM Security Access Manager | 9.0.3.0 - | ||
| 9.0.4.0 | IJ08673 |
Workarounds and Mitigations
None.
Related
EPSS
Percentile
81.5%