CVE-2021-38938

Опубликовано: 15 мар. 2024

Источник: nvd

CVSS3: 6.2

CVSS3: 5.5

EPSS Низкий

Описание

IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 210989.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/210989
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6832964
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/210989
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6832964
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:host_access_transformation_services:*:*:*:*:*:*:*:*

Версия от 9.6 (включая) до 9.6.1.4 (включая)

cpe:2.3:a:ibm:host_access_transformation_services:*:*:*:*:*:*:*:*

Версия от 9.7 (включая) до 9.7.0.3 (включая)

EPSS

Процентиль: 6%

0.00024

Низкий

6.2 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-522

Связанные уязвимости

GHSA-q6xw-9fp6-v5f6

CVSS3: 6.2

github

почти 2 года назад

IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 210989.

EPSS

Процентиль: 6%

0.00024

Низкий

6.2 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-522