Описание
IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL request, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 120252.
Ссылки
- PatchVendor Advisory
- Broken Link
- PatchVendor Advisory
- Broken Link
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management:7.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management_essentials:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_asset_management_essentials:7.5:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02062
Низкий
8.4 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 8.4
github
больше 3 лет назад
IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL request, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 120252.
EPSS
Процентиль: 84%
0.02062
Низкий
8.4 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-284