Описание
IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots in HTTP sessions on port 8080.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:rational_automation_framework:3.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_automation_framework:3.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_automation_framework:3.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_automation_framework:3.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_automation_framework:3.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_automation_framework:3.0.0.5:*:*:*:*:*:*:*
EPSS
Процентиль: 45%
0.00225
Низкий
7.5 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots in HTTP sessions on port 8080.
EPSS
Процентиль: 45%
0.00225
Низкий
7.5 High
CVSS2
Дефекты
CWE-264