Описание
IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to write to arbitrary folders, and consequently execute arbitrary commands, via a modified argument.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:security_appscan:8.5:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:security_appscan:8.6:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:security_appscan:8.7:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:security_appscan:8.8:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:security_appscan:9.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:security_appscan:9.0.0.1:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:security_appscan_source:9.0.1:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 80%
0.01343
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to write to arbitrary folders, and consequently execute arbitrary commands, via a modified argument.
EPSS
Процентиль: 80%
0.01343
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264