CVE-2014-0960CVE-2014-0960

Affected configuration(s):

cpe:/a:ibm:pureapplication_system:1.0.0.0
cpe:/a:ibm:pureapplication_system:1.0.0.1
cpe:/a:ibm:pureapplication_system:1.0.0.2
cpe:/a:ibm:pureapplication_system:1.0.0.3
cpe:/a:ibm:pureapplication_system:1.0.0.4
cpe:/a:ibm:pureapplication_system:1.1.0.0
cpe:/a:ibm:pureapplication_system:1.1.0.1
cpe:/a:ibm:pureapplication_system:1.1.0.2
cpe:/a:ibm:pureapplication_system:1.1.0.3
cpe:/a:ibm:pureapplication_system:1.1.0.4

Date published: 2014-06-14T07:18:54.817-04:00

Date last modified: 2017-08-28T21:34:22.593-04:00

CVSS Score: 6.6

Principal attack vector: LOCAL

Complexity:  MEDIUM

Reference URL: http://www-01.ibm.com/support/docview.wss?uid=swg21675216

Summary: IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1.0.4 IF1 allows remote authenticated users to bypass intended access restrictions by establishing an SSH session from a deployed virtual machine.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.