CVE-2015-5020

The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0 allows remote authenticated users to bypass intended access restrictions and truncate arbitrary tables via unspecified vectors.

Published: Jan 2, 2016
Updated: Apr 13, 2023
CVE: CVE-2015-5020
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
ibm / infosphere_biginsights	3.0.0.2	3.0.0.2.x
ibm / infosphere_biginsights	3.0.0.0	3.0.0.0.x
ibm / infosphere_biginsights	3.0.0.1	3.0.0.1.x
ibm / infosphere_biginsights	4.0.0.0	4.0.0.0.x

http://www-01.ibm.com/support/docview.wss?uid=swg21967923
http://www.securitytracker.com/id/1034561

Vulnerability Database

289,697

CVE-2015-5020