CVE-2015-7411

high-risk

Published 2016-03-12

The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors.

Do I need to act?

0.79% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.9/10 Critical

NETWORK / LOW complexity

Affected Products (12)

Tivoli Monitoring

Affected Vendors

Ibm

References (6)

http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992

Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21973559

http://www.securitytracker.com/id/1035240

http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992

Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21973559

http://www.securitytracker.com/id/1035240

/ 100

high-risk

Severity 33/34 · Critical

Exploitability 3/34 · Minimal

Exposure 17/34 · Moderate