CyberSec.Space Logo
CVEブラウザに戻る

CVE-2015-1947

HIGH
7.4
CVSS Severity Score
EPSS Score0.0150%
EPSS Percentile6.03th
Published2015年12月31日
Last Modified2026年5月6日

Vulnerability Description

Untrusted search path vulnerability in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0, when a DB2 database is used, allows local users to gain privileges via a Trojan horse library that is loaded by a setuid or setgid program.

Affected Platforms (CPE)

📦
Ibm

Infosphere Biginsights

= 3.0.0.0
📦
Ibm

Infosphere Biginsights

= 3.0.0.1
📦
Ibm

Infosphere Biginsights

= 3.0.0.2
📦
Ibm

Infosphere Biginsights

= 4.0.0.0

References & Advisories

🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21967131
🔗 http://www-304.ibm.com/support/docview.wss?uid=swg21970376
🔗 http://www.securityfocus.com/bid/79693
🔗 http://www.securitytracker.com/id/1034537
🔗 http://www.securitytracker.com/id/1034562
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21967131
🔗 http://www-304.ibm.com/support/docview.wss?uid=swg21970376
🔗 http://www.securityfocus.com/bid/79693

関連する脆弱性情報

CVE-2015-18367.3

Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1...

CVE-2015-17727.3

The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3...

CVE-2014-47826.5

IBM InfoSphere BigInsights 2.1.2 allows remote authenticated users to discover SMTP server credentials via vectors related to the ...

CVE-2013-39936.5

IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or...