CVE-2018-1595

CVSS 8.8 HIGHEPSS 2.4%

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 8.8EPSS 2.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

01 Aug 2018Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

IBM Spectrum Symphony and Platform Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to execute arbitrary commands due to improper handling of user supplied input. IBM X-Force ID: 143622.

CVSS:3.0/A:H/AC:L/AV:N/C:H/I:H/PR:L/S:U/UI:N/E:U/RC:C/RL:O

Affected products

IBM · Spectrum Symphony

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/143622 https://www.ibm.com/support/docview.wss?uid=isg3T1027819 http://www.securityfocus.com/bid/104956