CVE-2015-2030

Опубликовано: 04 окт. 2015

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 has an improper account-lockout setting, which makes it easier for remote attackers to obtain access via a brute-force attack.

Комментарий

CWE-307: Improper Restriction of Excessive Authentication Attempts

Ссылки

http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098
Patch
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105
Patch
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21966044
Patch
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098
Patch
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105
Patch
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21966044
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:websphere_extreme_scale:7.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_extreme_scale:7.1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_extreme_scale:7.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00254

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-3qcg-4hp6-rx66

github

больше 3 лет назад