CVE-2015-7818 — HIGH (7.2) — White Hats Nepal

Q: How severe is CVE-2015-7818?

CVE-2015-7818 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-7818?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm System Networking Switch Center, Lenovo Switch Center.

Vulnerability Description

The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows local users to execute arbitrary JSP code with SYSTEM privileges by using the Apache Axis AdminService deployment method to install a .jsp file.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Ibm	System Networking Switch Center	<= 7.3.1.4
Lenovo	Switch Center	<= 8.1.1.0

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2015-7818?

CVE-2015-7818 is a vulnerability with a CVSS score of 7.2 (HIGH). The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows local users to execute arbitrary JSP code with SYSTEM p...

How severe is CVE-2015-7818?

CVE-2015-7818 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7818?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm System Networking Switch Center, Lenovo Switch Center.