CVE-2017-1233
MEDIUMIBM BigFix Remote Control - Unauthorized File Replacement and Privilege Escalation
Title source: llmDescription
IBM Remote Control v9 could allow a local user to use the component to replace files to which he does not have write access and which he can cause to be executed with Local System or root privileges. IBM X-Force ID: 123912.
References (2)
Core 2
Core References
VDB Entry, Vendor Advisory x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/123912
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg22011765
Scores
CVSS v3
6.7
EPSS
0.0032
EPSS Percentile
23.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-863
Status
published
Products (1)
ibm/bigfix_remote_control
9.1.4
Published
Jan 31, 2018
Tracked Since
Feb 18, 2026