CVE-2017-1376

CVE-2017-1376

EPSS 2.6%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 2.6%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Lifecycle

28 Aug 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873.

Affected products

IBM · Operations Analytics Predictive Insights

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://access.redhat.com/errata/RHSA-2017:2469 https://access.redhat.com/errata/RHSA-2017:2481 https://exchange.xforce.ibmcloud.com/vulnerabilities/126873 http://www.ibm.com/support/docview.wss?uid=swg22007305&myns=swgtiv&mynp=OCSSJQQ3&mync=E&cm_sp=swgtiv-_-OCSSJQQ3-_-E