Vulnerability Details : CVE-2011-4668
IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2011-4668
Probability of exploitation activity in the next 30 days: 10.87%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-4668
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2011-4668
-
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-4668
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/71663
IBM Tivoli Netcool/Reporter script command execution CVE-2011-4668 Vulnerability Report
-
http://www-01.ibm.com/support/docview.wss?uid=swg24031456
IBM Tivoli Netcool Reporter 2.2.0 Fix Pack 8, 2.2.0-TIV-NCReporter-FP0008
-
http://www.securityfocus.com/bid/50864
IBM Tivoli Netcool/Reporter CGI Remote Command Injection Vulnerability
-
http://www.ibm.com/support/docview.wss?uid=swg1IZ94277
IBM notice: The page you requested cannot be displayed
Products affected by CVE-2011-4668
- cpe:2.3:a:ibm:tivoli_netcool\/reporter:2.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_netcool\/reporter:2.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_netcool\/reporter:2.2.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_netcool\/reporter:2.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_netcool\/reporter:2.2.0:tiv-ncreporter-if0002:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_netcool\/reporter:2.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_netcool\/reporter:2.2.0:tiv-ncreporter-if0001:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_netcool\/reporter:2.2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_netcool\/reporter:2.2.0.4:*:*:*:*:*:*:*