CVE-2017-1356

Опубликовано: 07 дек. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126683.

Ссылки

http://www.securityfocus.com/bid/102033
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/126683
Issue Tracking
VDB Entry
Vendor Advisory
https://www.ibm.com/support/docview.wss?uid=swg22005835
Issue Tracking
Vendor Advisory
http://www.securityfocus.com/bid/102033
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/126683
Issue Tracking
VDB Entry
Vendor Advisory
https://www.ibm.com/support/docview.wss?uid=swg22005835
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:atlas_ediscovery_process_management:6.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:atlas_ediscovery_process_management:6.0.3.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:atlas_ediscovery_process_management:6.0.3.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:atlas_ediscovery_process_management:6.0.3.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:atlas_ediscovery_process_management:6.0.3.5:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00572

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-rf56-hp2j-5748