CVE-2018-1683

Опубликовано: 26 сент. 2018

Источник: nvd

CVSS3: 5.9

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by the failure to encrypt ORB communication. IBM X-Force ID: 145455.

Ссылки

http://www.securitytracker.com/id/1041720
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/145455
VDB Entry
Vendor Advisory
https://www.ibm.com/support/docview.wss?uid=ibm10716533
Vendor Advisory
http://www.securitytracker.com/id/1041720
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/145455
VDB Entry
Vendor Advisory
https://www.ibm.com/support/docview.wss?uid=ibm10716533
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:liberty:*:*:*

Версия до 18.0.0.3 (исключая)

EPSS

Процентиль: 39%

0.00178

Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-311

Связанные уязвимости

GHSA-r586-f347-cfhg

CVSS3: 7.5

github

больше 3 лет назад

IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by the failure to encrypt ORB communication. IBM X-Force ID: 145455.

EPSS

Процентиль: 39%

0.00178

Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-311