Vulnerability CVE-2015-0179
Published: 2015-04-05   Modified: 2015-04-06

Description:
Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows local users to obtain the System privilege via unspecified vectors, aka SPR TCHL9SST8V.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Lotus Notes Diagnostic Tool 8.5 / 9.0 Privilege Escalation
ParagonSec
05.09.2017

Type:

CWE-264

 (Permissions, Privileges, and Access Controls)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
IBM -> Domino 

 References:
http://www-01.ibm.com/support/docview.wss?uid=swg21700029
http://www.securitytracker.com/id/1032027
https://www.exploit-db.com/exploits/42605/
Copyright 2024, cxsecurity.com

 

Back to Top