exploitDog

CVE-2017-1681

Опубликовано: 11 янв. 2018

Источник: nvd

CVSS3: 3.3

CVSS2: 2.1

EPSS Низкий

Описание

IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. IBM X-Force ID: 134003.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22011863
Vendor Advisory
http://www.securitytracker.com/id/1040357
https://exchange.xforce.ibmcloud.com/vulnerabilities/134003
VDB Entry
http://www.ibm.com/support/docview.wss?uid=swg22011863
Vendor Advisory
http://www.securitytracker.com/id/1040357
https://exchange.xforce.ibmcloud.com/vulnerabilities/134003
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:liberty:*:*:*:*:*:bluemix:*:*

Версия до 3.15 (включая)

EPSS

Процентиль: 17%

0.00054

Низкий

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-r22g-6925-fmw4

CVSS3: 3.3

github

больше 3 лет назад

IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. IBM X-Force ID: 134003.

EPSS

Процентиль: 17%

0.00054

Низкий

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200