exploitDog

GHSA-3xh8-3p84-p59c

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to privilege escalation by not properly distinguishing internal group memberships from user registry group memberships. By manipulating LDAP group membership an attack might gain privileged access. IBM X-Force ID: 130807.

IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to privilege escalation by not properly distinguishing internal group memberships from user registry group memberships. By manipulating LDAP group membership an attack might gain privileged access. IBM X-Force ID: 130807.

Ссылки

EPSS

Процентиль: 69%

0.00596

Низкий

8.8 High

CVSS3

CVE ID

Связанные уязвимости

CVE-2017-1539

CVSS3: 8.8

nvd

больше 8 лет назад

IBM Business Process Manager 7.5, 8.0, and 8.5 is vulnerable to privilege escalation by not properly distinguishing internal group memberships from user registry group memberships. By manipulating LDAP group membership an attack might gain privileged access. IBM X-Force ID: 130807.

EPSS

Процентиль: 69%

0.00596

Низкий

8.8 High

CVSS3

CVE ID