CVE-2015-5020

MEDIUM

IBM Infosphere Biginsights - Access Control

Title source: rule

Description

The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0 allows remote authenticated users to bypass intended access restrictions and truncate arbitrary tables via unspecified vectors.

References (2)

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg21967923

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1034561

Scores

CVSS v3 4.3

EPSS 0.0012

EPSS Percentile 30.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Classification

CWE

CWE-264

Status draft

Affected Products (4)

ibm/infosphere_biginsights

Timeline

Published Jan 02, 2016

Tracked Since Feb 18, 2026