Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-4305

Опубликовано: 09 июл. 2020
Источник: nvd
CVSS3: 8.1
CVSS3: 8.8
CVSS2: 9.3
EPSS Низкий

Описание

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176677.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*
Версия от 11.7.0.0 (включая) до 11.7.1.1 (включая)
cpe:2.3:a:ibm:infosphere_information_server:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_information_server:11.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_information_server_on_cloud:*:*:*:*:*:*:*:*
Версия от 11.7.0.0 (включая) до 11.7.1.1 (включая)
cpe:2.3:a:ibm:infosphere_information_server_on_cloud:11.5.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 80%
0.01393
Низкий

8.1 High

CVSS3

8.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-502

Связанные уязвимости

github логотип

GHSA-7r84-f4r2-q9q9

github
больше 3 лет назад

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176677.

EPSS

Процентиль: 80%
0.01393
Низкий

8.1 High

CVSS3

8.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-502