Описание
IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 through 1.0.0.4 do not require HTTPS, which might allow remote attackers to obtain sensitive information by sniffing the network.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:b2b_advanced_communications:1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:b2b_advanced_communications:1.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:b2b_advanced_communications:1.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:b2b_advanced_communications:1.0.0.3:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:ibm:multi-enterprise_integration_gateway:1.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00267
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 through 1.0.0.4 do not require HTTPS, which might allow remote attackers to obtain sensitive information by sniffing the network.
EPSS
Процентиль: 50%
0.00267
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200