Описание
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:security_guardium_database_activity_monitor:8.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium_database_activity_monitor:9.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium_database_activity_monitor:9.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium_database_activity_monitor:9.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium_database_activity_monitor:10.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium_database_activity_monitor:10.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium_database_activity_monitor:10.01:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00569
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.
EPSS
Процентиль: 68%
0.00569
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-284