IBM Tivoli NetView for z/OS Privilege Escalation

High Nessus Plugin ID 70173


The remote host may be running software with a privilege escalation vulnerability.


The remote host appears to have IBM Tivoli NetView installed that is affected by a privilege escalation vulnerability. A Unix System Services authenticated attacker may be able to gain the privileges of the NetView application.

Note that Nessus has not tested for the issues, but instead has relied only on the detected version number. Nessus is unable to determine if the patches for this vulnerability are installed as it does not change this detected version number.


Updates are available from the vendor.

See Also

Plugin Details

Severity: High

ID: 70173

File Name: ibm_netview_zos_privilege_escalation.nasl

Version: 1.3

Type: local

Family: Misc.

Published: 2013/09/27

Modified: 2014/05/24

Dependencies: 11153

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_netview

Required KB Items: Secret/ClearTextAuth/login, Secret/ClearTextAuth/pass

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2012/12/21

Vulnerability Publication Date: 2012/12/21

Reference Information

CVE: CVE-2012-5951

BID: 57036

OSVDB: 88725

IAVA: 2013-A-0021