exploitDog

GHSA-wq4v-jc7c-r7pj

Опубликовано: 21 мар. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

IBM Aspera Faspex 4.4.2 could allow a remote attacker to obtain sensitive credential information for an external user, using a specially crafted SQL query. IBM X-Force ID: 249613.

IBM Aspera Faspex 4.4.2 could allow a remote attacker to obtain sensitive credential information for an external user, using a specially crafted SQL query. IBM X-Force ID: 249613.

Ссылки

EPSS

Процентиль: 19%

0.00061

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2023-27871

CVSS3: 7.5

nvd

почти 3 года назад

IBM Aspera Faspex 4.4.2 could allow a remote attacker to obtain sensitive credential information for an external user, using a specially crafted SQL query. IBM X-Force ID: 249613.

EPSS

Процентиль: 19%

0.00061

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-89