CVE-2015-0172

HIGH

IBM Security SiteProtector System 3.0, 3.1.0, 3.1.1 - Exposure of Sensitive Information and Command Execution

Title source: llm
STIX 2.1

Description

IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote attackers to bypass intended security restrictions and consequently execute unspecified commands and obtain sensitive information via unknown vectors. IBM X-Force ID: 100927.

References (1)

Core 1
Core References
Mitigation, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21699472

Scores

CVSS v3 7.5
EPSS 0.0141
EPSS Percentile 69.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (3)
ibm/security_siteprotector_system 3.0
ibm/security_siteprotector_system 3.1.0.0
ibm/security_siteprotector_system 3.1.1.0
Published Apr 10, 2018
Tracked Since Feb 18, 2026