exploitDog

GHSA-xjxh-q8mg-f6v9

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.3

Описание

IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.

IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.

Ссылки

EPSS

Процентиль: 55%

0.00325

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-384

Связанные уязвимости

CVE-2019-4227

CVSS3: 7.3

nvd

больше 6 лет назад

IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.

EPSS

Процентиль: 55%

0.00325

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-384