Описание
The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354.
Ссылки
- MitigationVendor Advisory
- VDB EntryVendor Advisory
- MitigationVendor Advisory
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.2.0 (включая) до 7.2.1.4 (включая)
Одно из
cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.0015
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354.
EPSS
Процентиль: 36%
0.0015
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200