CVE-2020-4759

Опубликовано: 09 нояб. 2020

Источник: nvd

CVSS3: 7

CVSS3: 7.8

CVSS2: 9.3

EPSS Низкий

Описание

IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/188736
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6336917
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/188736
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6336917
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:filenet_content_manager:5.5.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_content_manager:5.5.5:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00421

Низкий

7 High

CVSS3

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-1236

Связанные уязвимости

GHSA-wq79-2f22-34w5

github

больше 3 лет назад

EPSS

Процентиль: 62%

0.00421

Низкий

7 High

CVSS3

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-1236