Vulnerabilities > CVE-2016-2867 - 7PK - Security Features vulnerability in IBM Infosphere Streams and Streams

047910
CVSS 7.0 - HIGH
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
high complexity
ibm
CWE-254

Summary

IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the runAsUser feature, which allows local users to obtain root group privileges via unspecified vectors.

Common Weakness Enumeration (CWE)