exploitDog

GHSA-hmr7-w49c-jw8r

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.

The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.

Ссылки

EPSS

Процентиль: 99%

0.77135

Высокий

CVE ID

Связанные уязвимости

CVE-2007-1868

nvd

почти 19 лет назад

The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.

EPSS

Процентиль: 99%

0.77135

Высокий

CVE ID