CVE-2015-5013

Опубликовано: 08 фев. 2017

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg21993722
Patch
Vendor Advisory
http://www.securityfocus.com/bid/96090
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037792
Third Party Advisory
VDB Entry
http://www.ibm.com/support/docview.wss?uid=swg21993722
Patch
Vendor Advisory
http://www.securityfocus.com/bid/96090
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037792
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:a:ibm:security_access_manager_for_mobile:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:security_access_manager_9.0:-:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00108

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-522

Связанные уязвимости

GHSA-h9rg-p4hj-685q

CVSS3: 5.5

github

больше 3 лет назад

The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access.

EPSS

Процентиль: 30%

0.00108

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-522