Описание
RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limit manipulations.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:algo_credit_limits:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:algo_credit_limits:4.7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:algorithmics:-:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.1001
Средний
4.9 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limit manipulations.
EPSS
Процентиль: 93%
0.1001
Средний
4.9 Medium
CVSS2
Дефекты
CWE-20