CVE-2021-38965

Опубликовано: 17 янв. 2022

Источник: nvd

CVSS3: 6.3

CVSS3: 8.8

CVSS2: 9

EPSS Низкий

Описание

IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 212346.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/212346
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6509840
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/212346
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6509840
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:filenet_content_manager:5.5.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_content_manager:5.5.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_content_manager:5.5.7:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.02314

Низкий

6.3 Medium

CVSS3

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-h477-p4j9-h8jp

github

около 4 лет назад

EPSS

Процентиль: 84%

0.02314

Низкий

6.3 Medium

CVSS3

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78