Details of VAR-201511-0264

ID

VAR-201511-0264

CVE

CVE-2015-7818

TITLE

IBM System Networking Switch Center and Lenovo Switch Center In SYSTEM Any at authority JSP Code execution vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2015-005919

DESCRIPTION

The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows local users to execute arbitrary JSP code with SYSTEM privileges by using the Apache Axis AdminService deployment method to install a .jsp file. Authentication is not required to exploit this vulnerability.The specific flaw exists within the IBM SNSC Web Service, which listens by default on ports 40080 (HTTP) or 40443 (HTTPS) for requests to the administration panel. An attacker can leverage this access to install arbitrary .jsp files on the server, which will by default run under the context of SYSTEM. A local attacker can exploit this vulnerability to gain elevated privileges. The following products are affected: IBM System Networking Switch Center 7.1.3.4 and prior Lenovo Switch Center 8.1.1.0 and prior

Trust: 2.61

sources: NVD: CVE-2015-7818 // JVNDB: JVNDB-2015-005919 // ZDI: ZDI-15-551 // BID: 77548 // VULHUB: VHN-85779

AFFECTED PRODUCTS

vendor:	ibm	model:	system networking switch center	scope:	lte	version:	7.3.1.4	Trust: 1.0
vendor:	lenovo	model:	switch center	scope:	lte	version:	8.1.1.0	Trust: 1.0
vendor:	lenovo	model:	switch center	scope:	eq	version:	8.1.1.0	Trust: 0.9
vendor:	ibm	model:	system networking switch center	scope:	lt	version:	7.3.1.5	Trust: 0.8
vendor:	lenovo	model:	switch center	scope:	lt	version:	8.1.2.0	Trust: 0.8
vendor:	ibm	model:	system networking switch center	scope:	-	version:	-	Trust: 0.7
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.3.11	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.2.111	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.2.110	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.1.32	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.1.31	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.3.1.2	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.1.3.4	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.1.3.0	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.1.2.0	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.1.1.0	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	eq	version:	7.1	Trust: 0.3
vendor:	lenovo	model:	switch center	scope:	ne	version:	8.1.2.0	Trust: 0.3
vendor:	ibm	model:	system networking switch center	scope:	ne	version:	7.3.1.5	Trust: 0.3

sources: ZDI: ZDI-15-551 // BID: 77548 // JVNDB: JVNDB-2015-005919 // CNNVD: CNNVD-201511-168 // NVD: CVE-2015-7818

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-7818
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-7818
value:	HIGH
Trust: 0.8
ZDI:	CVE-2015-7818
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-201511-168
value:	HIGH
Trust: 0.6
VULHUB:	VHN-85779
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-7818
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.5
VULHUB:	VHN-85779
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: ZDI: ZDI-15-551 // VULHUB: VHN-85779 // JVNDB: JVNDB-2015-005919 // CNNVD: CNNVD-201511-168 // NVD: CVE-2015-7818

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-85779 // JVNDB: JVNDB-2015-005919 // NVD: CVE-2015-7818

THREAT TYPE

local

Trust: 0.9

sources: BID: 77548 // CNNVD: CNNVD-201511-168

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201511-168

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-005919

PATCH

title:	LEN-2015-074	url:	https://support.lenovo.com/jp/ja/product_security/len_2015_074	Trust: 0.8
title:	IBM has issued an update to correct this vulnerability.	url:	https://support.lenovo.com/us/en/product_security/len_2015_074	Trust: 0.7
title:	Lenovo Switch Center Fixes for permission permissions and access control vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58662	Trust: 0.6

sources: ZDI: ZDI-15-551 // JVNDB: JVNDB-2015-005919 // CNNVD: CNNVD-201511-168

EXTERNAL IDS

db:	NVD	id:	CVE-2015-7818	Trust: 3.5
db:	ZDI	id:	ZDI-15-551	Trust: 3.5
db:	JVNDB	id:	JVNDB-2015-005919	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-3008	Trust: 0.7
db:	CNNVD	id:	CNNVD-201511-168	Trust: 0.7
db:	BID	id:	77548	Trust: 0.4
db:	SEEBUG	id:	SSVID-89737	Trust: 0.1
db:	VULHUB	id:	VHN-85779	Trust: 0.1

sources: ZDI: ZDI-15-551 // VULHUB: VHN-85779 // BID: 77548 // JVNDB: JVNDB-2015-005919 // CNNVD: CNNVD-201511-168 // NVD: CVE-2015-7818

REFERENCES

url:	http://www.zerodayinitiative.com/advisories/zdi-15-551/	Trust: 2.8
url:	https://support.lenovo.com/us/en/product_security/len_2015_074	Trust: 2.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7818	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7818	Trust: 0.8
url:	http://www.ibm.com	Trust: 0.3

sources: ZDI: ZDI-15-551 // VULHUB: VHN-85779 // BID: 77548 // JVNDB: JVNDB-2015-005919 // CNNVD: CNNVD-201511-168 // NVD: CVE-2015-7818

CREDITS

rgod

Trust: 1.6

sources: ZDI: ZDI-15-551 // BID: 77548 // CNNVD: CNNVD-201511-168

SOURCES

db:	ZDI	id:	ZDI-15-551
db:	VULHUB	id:	VHN-85779
db:	BID	id:	77548
db:	JVNDB	id:	JVNDB-2015-005919
db:	CNNVD	id:	CNNVD-201511-168
db:	NVD	id:	CVE-2015-7818

LAST UPDATE DATE

2025-04-13T23:23:42.522000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-15-551	date:	2015-11-10T00:00:00
db:	VULHUB	id:	VHN-85779	date:	2015-11-12T00:00:00
db:	BID	id:	77548	date:	2015-11-10T00:00:00
db:	JVNDB	id:	JVNDB-2015-005919	date:	2015-11-16T00:00:00
db:	CNNVD	id:	CNNVD-201511-168	date:	2015-11-13T00:00:00
db:	NVD	id:	CVE-2015-7818	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-15-551	date:	2015-11-10T00:00:00
db:	VULHUB	id:	VHN-85779	date:	2015-11-12T00:00:00
db:	BID	id:	77548	date:	2015-11-10T00:00:00
db:	JVNDB	id:	JVNDB-2015-005919	date:	2015-11-16T00:00:00
db:	CNNVD	id:	CNNVD-201511-168	date:	2015-11-11T00:00:00
db:	NVD	id:	CVE-2015-7818	date:	2015-11-12T03:59:06.500