CVE-2015-5042 - Vulnerability Details

Vendors	Products
Ibm	Emptoris Contract Management

Link	Providers
http://www-01.ibm.com/support/docview.wss?uid=swg21973592

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-02-02T00:00:00", "descriptions": [{"lang": "en", "value": "IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-02-15T02:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973592"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2015-5042", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21973592", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973592"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T06:32:32.040Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973592"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2015-5042", "datePublished": "2016-02-15T02:00:00", "dateReserved": "2015-06-24T00:00:00", "dateUpdated": "2024-08-06T06:32:32.040Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2016-02-02T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2016-02-15T02:57:01 (string)

orgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

shortName : ibm (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www-01.ibm.com/support/docview.wss?uid=swg21973592 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@us.ibm.com (string)

ID : CVE-2015-5042 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://www-01.ibm.com/support/docview.wss?uid=swg21973592 (string)

refsource : CONFIRM (string)

url : http://www-01.ibm.com/support/docview.wss?uid=swg21973592 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T06:32:32.040Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www-01.ibm.com/support/docview.wss?uid=swg21973592 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

assignerShortName : ibm (string)

cveId : CVE-2015-5042 (string)

datePublished : 2016-02-15T02:00:00 (string)

dateReserved : 2015-06-24T00:00:00 (string)

dateUpdated : 2024-08-06T06:32:32.040Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F6F3C251-C3BA-4304-9878-102F3F2FFFCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "82DA8E24-DDBC-48E0-A2A3-57E06CDCF85C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "70478E47-1C52-45E6-92A9-698CA5C25C3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "4B85D7E5-9D5B-4B77-A032-3BF92C2EF735", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "A85A9BD0-6E1F-4758-AEF3-E10CC4F9FDCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "479D5852-9127-4AB3-82BB-37A552C14781", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "991D88E6-740E-4F75-B616-5179B015A9D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "88BD708C-D51D-4990-8262-52DB13B7EDC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "629E78F5-0CEE-4CC2-8C4B-949D15531905", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "808FE7AE-3D37-4646-AE54-6D430122DBCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "892A2283-35E9-4E61-A6D0-B3AF6FE16869", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FCDC9134-E550-495D-92E7-81CF72A2CC65", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "9B5470C2-DEB2-4DB9-9637-908FD1A0AE70", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "6398295F-71CC-41F7-8258-624BC208EF89", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "D089951B-A834-4B94-9979-F9466AA0A106", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "6827F5B1-0114-472F-9991-14F8B49D8B94", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7BAC0A1-FAE0-49F1-AE13-7022122A8E76", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CB8BBCB-22B3-4C96-9DF9-66163EFBA40D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "68E60709-D987-40D5-A71C-B2EF04D51081", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "9D71EC5A-C9EE-4A2B-AA1E-E6987736ECC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "2FE59830-76AB-4458-8DBD-470DA0719B08", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "75785255-04E0-4A00-A6CE-FFEECEDEEF9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "68916D40-3CF4-4614-BDD1-31681F739598", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:emptoris_contract_management:10.0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "386B9AB2-B463-4A41-9CA4-1EB6F8572FFD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file."}, {"lang": "es", "value": "IBM Emptoris Contract Management 9.5.0.x en versiones anteriores a 9.5.0.6 iFix15, 10.0.0.x y 10.0.1.x en versiones anteriores a 10.0.1.5 iFix5, 10.0.2.x en versiones anteriores a 10.0.2.7 iFix4 y 10.0.4.x en versiones anteriores a 10.0.4.0 iFix3 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante la inclusi\u00f3n de un archivo Flash manipulado."}], "id": "CVE-2015-5042", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-02-15T02:59:07.560", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973592"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973592"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : F6F3C251-C3BA-4304-9878-102F3F2FFFCB (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 82DA8E24-DDBC-48E0-A2A3-57E06CDCF85C (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 70478E47-1C52-45E6-92A9-698CA5C25C3C (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 4B85D7E5-9D5B-4B77-A032-3BF92C2EF735 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.4:*:*:*:*:*:*:* (string)

matchCriteriaId : A85A9BD0-6E1F-4758-AEF3-E10CC4F9FDCF (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 479D5852-9127-4AB3-82BB-37A552C14781 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:9.5.0.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 991D88E6-740E-4F75-B616-5179B015A9D6 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 88BD708C-D51D-4990-8262-52DB13B7EDC7 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 629E78F5-0CEE-4CC2-8C4B-949D15531905 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 808FE7AE-3D37-4646-AE54-6D430122DBCD (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 892A2283-35E9-4E61-A6D0-B3AF6FE16869 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : FCDC9134-E550-495D-92E7-81CF72A2CC65 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 9B5470C2-DEB2-4DB9-9637-908FD1A0AE70 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 6398295F-71CC-41F7-8258-624BC208EF89 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.1.5:*:*:*:*:*:*:* (string)

matchCriteriaId : D089951B-A834-4B94-9979-F9466AA0A106 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 6827F5B1-0114-472F-9991-14F8B49D8B94 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : C7BAC0A1-FAE0-49F1-AE13-7022122A8E76 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CB8BBCB-22B3-4C96-9DF9-66163EFBA40D (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 68E60709-D987-40D5-A71C-B2EF04D51081 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 9D71EC5A-C9EE-4A2B-AA1E-E6987736ECC9 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 2FE59830-76AB-4458-8DBD-470DA0719B08 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 75785255-04E0-4A00-A6CE-FFEECEDEEF9F (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.2.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 68916D40-3CF4-4614-BDD1-31681F739598 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:ibm:emptoris_contract_management:10.0.4.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 386B9AB2-B463-4A41-9CA4-1EB6F8572FFD (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file. (string)

}

1 : { »

lang : es (string)

value : IBM Emptoris Contract Management 9.5.0.x en versiones anteriores a 9.5.0.6 iFix15, 10.0.0.x y 10.0.1.x en versiones anteriores a 10.0.1.5 iFix5, 10.0.2.x en versiones anteriores a 10.0.2.7 iFix4 y 10.0.4.x en versiones anteriores a 10.0.4.0 iFix3 permite a atacantes remotos ejecutar código arbitrario mediante la inclusión de un archivo Flash manipulado. (string)

}

]

id : CVE-2015-5042 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : true (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:P/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2016-02-15T02:59:07.560 (string)

references : [ »

0 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www-01.ibm.com/support/docview.wss?uid=swg21973592 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www-01.ibm.com/support/docview.wss?uid=swg21973592 (string)

}

]

sourceIdentifier : psirt@us.ibm.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-20 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object