Описание
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) techniques. IBM X-Force ID: 124740.
Ссылки
- Third Party AdvisoryVDB Entry
- VDB EntryVendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- VDB EntryVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.0 (включая) до 10.5 (включая)
cpe:2.3:a:ibm:security_guardium:*:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.00099
Низкий
3.7 Low
CVSS3
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-295
Связанные уязвимости
CVSS3: 5.9
github
больше 3 лет назад
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) techniques. IBM X-Force ID: 124740.
EPSS
Процентиль: 28%
0.00099
Низкий
3.7 Low
CVSS3
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-295