Vulnerability Details CVE-2016-2867
IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the runAsUser feature, which allows local users to obtain root group privileges via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.8%
CVSS Severity
CVSS v3 Score 7.0
CVSS v2 Score 6.9
Products affected by CVE-2016-2867
-
cpe:2.3:a:ibm:infosphere_streams:3.0.0
-
cpe:2.3:a:ibm:infosphere_streams:3.1.0
-
cpe:2.3:a:ibm:infosphere_streams:3.2.0
-
cpe:2.3:a:ibm:infosphere_streams:4.0
-
cpe:2.3:a:ibm:infosphere_streams:4.0.1
-
cpe:2.3:a:ibm:infosphere_streams:4.0.1.1
-
cpe:2.3:a:ibm:streams:4.1.1.0