VYPR
Critical severity 9.9 · NVD Advisory · Published Mar 12, 2016 · Updated May 6, 2026

CVE-2015-7411

Description

IBM Tivoli Monitoring portal client allows authenticated users to escalate privileges via HTTP interface packet manipulation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The vulnerability resides in the HTTP interface between the Tivoli Enterprise Portal client and server in IBM Tivoli Monitoring (ITM). Affected versions include ITM 6.2.2 through Fix Pack 9, 6.2.3 through Fix Pack 5, and 6.3.0 through Fix Pack 6 [1][2]. An authenticated user can modify packets sent over this interface to alter their authority or permission levels, bypassing intended access controls [2].

Exploitation

An attacker must have network access to the HTTP interface and possess valid authentication credentials for the ITM portal. By intercepting and modifying packets exchanged between the portal client and server, the attacker can change their assigned authority or permission levels [2]. No additional user interaction is required beyond the initial authentication.

Impact

Successful exploitation allows the attacker to escalate privileges to administrator level. This enables them to execute commands on remote systems managed by IBM Tivoli Monitoring, leading to full compromise of confidentiality, integrity, and availability. The CVSS v3 base score is 9.9 (Critical) [1].

Mitigation

IBM has released fixes for this vulnerability. The permanent fix is included in ITM 6.3.0 Fix Pack 7. Provisional fixes are available for 6.3.0 Fix Pack 6 (IV77992), 6.3.0 Fix Pack 5, 6.2.3 Fix Pack 5, and 6.2.2 Fix Pack 9 [2]. The fix introduces additional authorization checking on the Tivoli Enterprise Portal Server. Users should apply the appropriate fix pack for their version. No workaround is documented.

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

13
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*
    • (no CPE) range: 6.2.2 through FP9, 6.2.3 through FP5, 6.3.0 through FP6

Patches

0

No patches discovered yet.

References

3
