exploitDog

GHSA-rq64-rq5p-3gh2

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 3.7

Описание

IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP.

IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP.

Ссылки

EPSS

Процентиль: 50%

0.00266

Низкий

3.7 Low

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2016-2952

CVSS3: 3.7

nvd

около 9 лет назад

IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP.

EPSS

Процентиль: 50%

0.00266

Низкий

3.7 Low

CVSS3

CVE ID

Дефекты

CWE-200