CVE-2013-5467 : Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Mo

Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Monitoring Server (ms) and Shared Libraries (ax) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP08, 6.2.3 through FP01, and 6.3.0 through FP01 in IBM Tivoli Monitoring (ITM) on UNIX allow local users to gain privileges via unspecified vectors.

Published 2014-08-29 09:55:07

Updated 2017-08-29 01:33:49

Source IBM Corporation

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2013-5467

Probability of exploitation activity in the next 30 days: 0.06%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 24 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2013-5467

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2013-5467

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-5467

http://www.securityfocus.com/bid/69436

IBM Tivoli Monitoring Agent CVE-2013-5467 Unspecified Local Privilege Escalation Vulnerability
http://www-01.ibm.com/support/docview.wss?uid=swg21675798

IBM Security Bulletin: Vulnerabilities in IBM Tivoli Monitoring agent and shared library with potential for privilege escalation (CVE-2013-5467)
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/88370

IBM Tivoli Monitoring agent privilege escalation CVE-2013-5467 Vulnerability Report

Products affected by CVE-2013-5467

IBM » Monitoring Agent For Unix Logs » Version: 6.2.1
cpe:2.3:a:ibm:monitoring_agent_for_unix_logs:6.2.1:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel
IBM » Monitoring Agent For Unix Logs » Version: 6.2.2
cpe:2.3:a:ibm:monitoring_agent_for_unix_logs:6.2.2:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel
IBM » Monitoring Agent For Unix Logs » Version: 6.2.0
cpe:2.3:a:ibm:monitoring_agent_for_unix_logs:6.2.0:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel
IBM » Monitoring Agent For Unix Logs » Version: 6.2.3
cpe:2.3:a:ibm:monitoring_agent_for_unix_logs:6.2.3:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel
IBM » Monitoring Server (ms) And Shared Libraries (ax) » Version: 6.2.3
cpe:2.3:a:ibm:monitoring_server_\(ms\)_and_shared_libraries_\(ax\):6.2.3:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel
IBM » Monitoring Server (ms) And Shared Libraries (ax) » Version: 6.3.0
cpe:2.3:a:ibm:monitoring_server_\(ms\)_and_shared_libraries_\(ax\):6.3.0:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel
IBM » Monitoring Server (ms) And Shared Libraries (ax) » Version: 6.2.0
cpe:2.3:a:ibm:monitoring_server_\(ms\)_and_shared_libraries_\(ax\):6.2.0:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel
IBM » Monitoring Server (ms) And Shared Libraries (ax) » Version: 6.2.1
cpe:2.3:a:ibm:monitoring_server_\(ms\)_and_shared_libraries_\(ax\):6.2.1:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel
IBM » Monitoring Server (ms) And Shared Libraries (ax) » Version: 6.2.2
cpe:2.3:a:ibm:monitoring_server_\(ms\)_and_shared_libraries_\(ax\):6.2.2:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel

Vulnerability Details : CVE-2013-5467

Exploit prediction scoring system (EPSS) score for CVE-2013-5467

CVSS scores for CVE-2013-5467

CWE ids for CVE-2013-5467

References for CVE-2013-5467

Products affected by CVE-2013-5467