CVE-2020-4347

EUVD-2020-25594
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could be subject to attacks based on privilege escalation due to inappropriate file permissions for files used by WebSphere Application Server Network Deployment. IBM X-Force ID: 178412.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
ibmCNA
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.0/I:L/C:L/S:U/AV:N/AC:L/UI:N/A:L/PR:N/E:U/RC:C/RL:O
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
ibminfosphere_information_server
11.3
ibminfosphere_information_server
11.5
ibminfosphere_information_server
11.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/178412
https://www.ibm.com/support/pages/node/6191679
https://exchange.xforce.ibmcloud.com/vulnerabilities/178412
https://www.ibm.com/support/pages/node/6191679