exploitDog

CVE-2015-7401

Опубликовано: 26 мар. 2018

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive document information by guessing the document id. IBM X-Force ID: 107106.

Ссылки

http://www-01.ibm.com/support/docview.wss?uid=swg21977425
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/107106
VDB Entry
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21977425
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/107106
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:curam_social_program_management:*:*:*:*:*:*:*:*

Версия от 6.1.0.0 (включая) до 6.1.1.1 (исключая)

EPSS

Процентиль: 29%

0.00105

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-53rf-mqh4-c9m2

CVSS3: 4.3

github

больше 3 лет назад

IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive document information by guessing the document id. IBM X-Force ID: 107106.

EPSS

Процентиль: 29%

0.00105

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200