CVE-2017-1092

high-risk

Published 2017-05-22

IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390.

Do I need to act?

77.9% chance of exploitation in next 30 days

EPSS score — higher than 22% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

2 public exploits available

42541, 42091

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (3)

Informix Open Admin Tool

Affected Vendors

Ibm

References (6)

Patch http://www.ibm.com/support/docview.wss?uid=swg22002897

https://www.exploit-db.com/exploits/42091/

https://www.exploit-db.com/exploits/42541/

Patch http://www.ibm.com/support/docview.wss?uid=swg22002897

https://www.exploit-db.com/exploits/42091/

https://www.exploit-db.com/exploits/42541/

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 27/34 · High

Exposure 9/34 · Low