Описание
IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL to specify a file from the local system, which could allow the attacker to obtain sensitive information. IBM X-Force ID: 119618.
Ссылки
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- VDB EntryVendor Advisory
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:cognos_business_intelligence_server:10.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_business_intelligence_server:10.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_business_intelligence_server:10.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_business_intelligence_server:10.2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_business_intelligence_server:10.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00234
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL to specify a file from the local system, which could allow the attacker to obtain sensitive information. IBM X-Force ID: 119618.
EPSS
Процентиль: 46%
0.00234
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200