6.9
CVE-2014-3020
- EPSS 0.04%
- Published 29.07.2014 20:55:08
- Last modified 12.04.2025 10:46:40
- Source psirt@us.ibm.com
- Teams watchlist Login
- Open Login
install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Embedded Websphere Application Server Version7.0
Ibm ≫ Tivoli Integrated Portal Version2.1
Ibm ≫ Tivoli Integrated Portal Version2.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.04% | 0.093 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 6.9 | 3.4 | 10 |
AV:L/AC:M/Au:N/C:C/I:C/A:C
|