Modification of information in IBM Integrated Management Module (IMM)
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2015-3200 |
| CWE-ID | CWE-284 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
IBM Integrated Management Module Other software / Other software solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Modification of Information
EUVDB-ID: #VU717
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-3200
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote user to modify information on the target system.
The weakness exists due to access control flaw that allows a malicious user to obtain and modify data.
Successful exploitation of the vulnerability leads to modification of information on the vulnerable system.
Mitigation
Install update from vendor's website.
Vulnerable software versionsIBM Integrated Management Module: 1.49
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/868462
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
