CVE-2016-6043 - Vulnerability Details

Vendors	Products
Ibm	Tivoli Storage Manager

Link	Providers
http://www.ibm.com/support/docview.wss?uid=swg21995754
http://www.securityfocus.com/bid/95090

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Tivoli Storage Manager Extended Edition", "vendor": "IBM Corporation", "versions": [{"status": "affected", "version": "6.4"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.1.1"}, {"status": "affected", "version": "6.1"}, {"status": "affected", "version": "6.2"}, {"status": "affected", "version": "6.3"}]}], "datePublic": "2017-02-01T00:00:00", "descriptions": [{"lang": "en", "value": "Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced."}], "problemTypes": [{"descriptions": [{"description": "Bypass Security", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-02-02T10:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21995754"}, {"name": "95090", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95090"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2016-6043", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Tivoli Storage Manager Extended Edition", "version": {"version_data": [{"version_value": "6.4"}, {"version_value": "7.1"}, {"version_value": "7.1.1"}, {"version_value": "6.1"}, {"version_value": "6.2"}, {"version_value": "6.3"}]}}]}, "vendor_name": "IBM Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Bypass Security"}]}]}, "references": {"reference_data": [{"name": "http://www.ibm.com/support/docview.wss?uid=swg21995754", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=swg21995754"}, {"name": "95090", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95090"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:22:18.933Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21995754"}, {"name": "95090", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/95090"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2016-6043", "datePublished": "2017-02-01T20:00:00", "dateReserved": "2016-06-29T00:00:00", "dateUpdated": "2024-08-06T01:22:18.933Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Tivoli Storage Manager Extended Edition (string)

vendor : IBM Corporation (string)

versions : [ »

0 : { »

status : affected (string)

version : 6.4 (string)

}

1 : { »

status : affected (string)

version : 7.1 (string)

}

2 : { »

status : affected (string)

version : 7.1.1 (string)

}

3 : { »

status : affected (string)

version : 6.1 (string)

}

4 : { »

status : affected (string)

version : 6.2 (string)

}

5 : { »

status : affected (string)

version : 6.3 (string)

}

]

}

]

datePublic : 2017-02-01T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Bypass Security (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-02-02T10:57:01 (string)

orgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

shortName : ibm (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.ibm.com/support/docview.wss?uid=swg21995754 (string)

}

1 : { »

name : 95090 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/95090 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@us.ibm.com (string)

ID : CVE-2016-6043 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Tivoli Storage Manager Extended Edition (string)

version : { »

version_data : [ »

0 : { »

version_value : 6.4 (string)

}

1 : { »

version_value : 7.1 (string)

}

2 : { »

version_value : 7.1.1 (string)

}

3 : { »

version_value : 6.1 (string)

}

4 : { »

version_value : 6.2 (string)

}

5 : { »

version_value : 6.3 (string)

}

]

}

]

}

vendor_name : IBM Corporation (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Bypass Security (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://www.ibm.com/support/docview.wss?uid=swg21995754 (string)

refsource : CONFIRM (string)

url : http://www.ibm.com/support/docview.wss?uid=swg21995754 (string)

}

1 : { »

name : 95090 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/95090 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T01:22:18.933Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.ibm.com/support/docview.wss?uid=swg21995754 (string)

}

1 : { »

name : 95090 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/95090 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

assignerShortName : ibm (string)

cveId : CVE-2016-6043 (string)

datePublished : 2017-02-01T20:00:00 (string)

dateReserved : 2016-06-29T00:00:00 (string)

dateUpdated : 2024-08-06T01:22:18.933Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "0CC9CE1A-7416-4F41-8699-693C161D8EE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AAC31A7A-CFFB-4590-B6B4-494F1005E4B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8092D853-0E6D-4104-B85B-92132D925DA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF3F1D-E6F5-4CA1-9BFD-C4C4B645FB0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C1864921-DA58-433F-8DFE-BF1E25B02C58", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "9A89E630-36F0-4807-B4B0-C53FFB636497", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0B7B9E69-407D-48E2-B49F-1C9263C052F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "212B26BB-0A19-41EB-811C-04C765374E8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "53CF0089-B81D-4738-85AC-E728DF77FBAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF39AAEE-2FC3-4ACC-AEF7-6E12EEEF0BCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB3B365E-0505-4A43-90A6-811D39BB6262", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B880E34D-A9B4-4A64-B734-71ADC0588761", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "C3B578C6-A29A-41B6-A9B6-F7A08D9BE34B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E8CA94D1-06FB-4C94-83FB-2BC52676BBDC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "302756E5-F3E8-4F5E-90EA-A81A88DB55AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7C980FE7-8B2D-4ED4-A5BF-78615AD0F596", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FD269C39-1070-44C3-B7FC-968C12A344E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F7AACC13-50CF-4229-B204-E30523A38721", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:7.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "834EBEBA-70E1-4089-A064-6BBFAD50D1CB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced."}, {"lang": "es", "value": "Tivoli Storage Manager Operations Center podr\u00eda permitir a un usuario local asumir el control de un usuario previamente registrado debido a que la expiraci\u00f3n de sesi\u00f3n no est\u00e1 forzada."}], "id": "CVE-2016-6043", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-02-01T20:59:01.897", "references": [{"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21995754"}, {"source": "psirt@us.ibm.com", "tags": ["Technical Description", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95090"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21995754"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Technical Description", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95090"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-384"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 0CC9CE1A-7416-4F41-8699-693C161D8EE7 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:6.4.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : AAC31A7A-CFFB-4590-B6B4-494F1005E4B9 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 8092D853-0E6D-4104-B85B-92132D925DA8 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 3FFF3F1D-E6F5-4CA1-9BFD-C4C4B645FB0F (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.2:*:*:*:*:*:*:* (string)

matchCriteriaId : C1864921-DA58-433F-8DFE-BF1E25B02C58 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 9A89E630-36F0-4807-B4B0-C53FFB636497 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:6.4.2.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 0B7B9E69-407D-48E2-B49F-1C9263C052F9 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 212B26BB-0A19-41EB-811C-04C765374E8A (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 53CF0089-B81D-4738-85AC-E728DF77FBAF (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : CF39AAEE-2FC3-4ACC-AEF7-6E12EEEF0BCB (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : BB3B365E-0505-4A43-90A6-811D39BB6262 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : B880E34D-A9B4-4A64-B734-71ADC0588761 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3:*:*:*:*:*:*:* (string)

matchCriteriaId : C3B578C6-A29A-41B6-A9B6-F7A08D9BE34B (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.1:*:*:*:*:*:*:* (string)

matchCriteriaId : E8CA94D1-06FB-4C94-83FB-2BC52676BBDC (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.3.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 302756E5-F3E8-4F5E-90EA-A81A88DB55AD (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 7C980FE7-8B2D-4ED4-A5BF-78615AD0F596 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : FD269C39-1070-44C3-B7FC-968C12A344E8 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : F7AACC13-50CF-4229-B204-E30523A38721 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:ibm:tivoli_storage_manager:7.1.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 834EBEBA-70E1-4089-A064-6BBFAD50D1CB (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced. (string)

}

1 : { »

lang : es (string)

value : Tivoli Storage Manager Operations Center podría permitir a un usuario local asumir el control de un usuario previamente registrado debido a que la expiración de sesión no está forzada. (string)

}

]

id : CVE-2016-6043 (string)

lastModified : 2025-04-20T01:37:25.860 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 4.4 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:L/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 3.4 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 1 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2017-02-01T20:59:01.897 (string)

references : [ »

0 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.ibm.com/support/docview.wss?uid=swg21995754 (string)

}

1 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Technical Description (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/95090 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.ibm.com/support/docview.wss?uid=swg21995754 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Technical Description (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/95090 (string)

}

]

sourceIdentifier : psirt@us.ibm.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-384 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object