CVE-2015-7818
IBM System Networking Switch Center <7.3.1.5 - Command Injection
Title source: llmDescription
The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows local users to execute arbitrary JSP code with SYSTEM privileges by using the Apache Axis AdminService deployment method to install a .jsp file.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-551/
Vendor Advisory x_refsource_confirm
https://support.lenovo.com/us/en/product_security/len_2015_074
Scores
EPSS
0.0005
EPSS Percentile
14.3%
Details
CWE
CWE-264
Status
published
Products (2)
ibm/system_networking_switch_center
< 7.3.1.4
lenovo/switch_center
< 8.1.1.0
Published
Nov 12, 2015
Tracked Since
Feb 18, 2026