IBM Security Bulletin: IBM Notes Privilege Escalation in IBM Notes Diagnostics service

An attacker who crafts a command line and sends it over the shared memory IPC can trick the IBM Notes Diagnostics service into executing an executable of the attacker's choosing. IBM plans to address this vulnerability by providing a fix.

CVE(s): CVE-2017-1720

Affected product(s) and affected version(s):

IBM Notes 9.0.1 to 9.0.1 FP10
IBM Notes 9.0 to 9.0 IF4
IBM Notes 8.5.3 to 8.5.3 FP6 IF15
IBM Notes 8.5.2 to 8.5.2 FP4 IF3
IBM Notes 8.5.1 to 8.5.1 FP5 IF3
IBM Notes 8.5 release

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22010767
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134807

The post IBM Security Bulletin: IBM Notes Privilege Escalation in IBM Notes Diagnostics service appeared first on IBM PSIRT Blog.


