exploitDog

GHSA-wcv9-7cmw-hf38

Опубликовано: 11 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow could an authenticated user to change the password of another user without prior knowledge of that password.

IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow could an authenticated user to change the password of another user without prior knowledge of that password.

Ссылки

EPSS

Процентиль: 10%

0.00034

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-620

Связанные уязвимости

CVE-2025-13148

CVSS3: 8.1

nvd

около 2 месяцев назад

IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow could an authenticated user to change the password of another user without prior knowledge of that password.

EPSS

Процентиль: 10%

0.00034

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-620