Atos Eviden IDRA and IDCA Insecure Permissions Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability exists in Atos Eviden IDRA and IDCA versions prior to 2.7.0 in which a highly trusted role, Config Admin, could misuse its configuration privileges in a multi-partition environment to access confidential data. This vulnerability does not compromise data integrity or availability.

Impact

Exploitation of this vulnerability could lead to unauthorized access to confidential data by allowing a Config Admin role to exceed its designated privileges.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.8
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.