CVE-2021-29888

Опубликовано: 02 нояб. 2021

Источник: nvd

CVSS3: 6.5

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 207123.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/207123
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6509618
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/207123
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6509618
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00109

Низкий

6.5 Medium

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-34ch-3j79-h23c

github

больше 3 лет назад

EPSS

Процентиль: 30%

0.00109

Низкий

6.5 Medium

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-352