Описание
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ibm:tivoli_management_framework:3.7.1:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.0021
Низкий
9 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
EPSS
Процентиль: 44%
0.0021
Низкий
9 Critical
CVSS2
Дефекты
NVD-CWE-Other