Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2015-4991


IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows local users to obtain sensitive information by reading a dump file.


Published

2016-02-15T02:59:04.700

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 4.0 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

3.9

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-200

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application ibm spss_modeler 14.2.0.0 Yes
Application ibm spss_modeler 14.2.0.1 Yes
Application ibm spss_modeler 14.2.0.2 Yes
Application ibm spss_modeler 14.2.0.3 Yes
Application ibm spss_modeler 15.0.0.0 Yes
Application ibm spss_modeler 15.0.0.1 Yes
Application ibm spss_modeler 15.0.0.2 Yes
Application ibm spss_modeler 15.0.0.3 Yes
Application ibm spss_modeler 16.0.0.0 Yes
Application ibm spss_modeler 16.0.0.1 Yes
Application ibm spss_modeler 16.0.0.2 Yes
Application ibm spss_modeler 17.0.0.0 Yes
Application ibm spss_modeler 17.0.0.1 Yes
Application ibm spss_modeler 17.1.0.0 Yes

References